CISA Releases Details on Ransomware Groups' Attack Tactics to Help Organizations Defend Critical Infrastructure

CISA shares details on misconfigurations and vulnerabilities exploited by ransomware groups to help critical infrastructure organizations defend against attacks.

CISA's Ransomware Vulnerability Warning Pilot program has identified over 800 vulnerable systems since January 2022.

CISA added a column in its known exploited vulnerabilities catalog indicating vulnerabilities used in ransomware campaigns.

CISA also released a list of misconfigurations and weaknesses ransomware actors exploit.

This effort is part of CISA's broader response to the escalating ransomware threat, including new guidance, partnerships, and resources for organizations.