March 15 – On Monday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the creation of a new Ransomware Vulnerability Warning Pilot (RVWP) program.
The program will proactively track common vulnerabilities that ransomware attackers are exploiting, and will alert exposed organizations to the risk.
Shortly after the program’s initial launch, it notified 93 organizations that they were exposed to a recent Microsoft Exchange Service vulnerability known as “ProxyNotShell”, which was under open attack by ransomware operators.
How it works
CISA intends for the RVWP to leverage an awareness and information-sharing model to help critical infrastructure organizations prevent future cyber attacks.
In order to determine which organizations are most vulnerable to certain threats, CISA will rely on various existing services, data sources, technologies and authorities. This includes its Cyber Hygiene Vulnerability Scanning service.
The state of ransomware
Ransomware attacks continue to cause harm to organizations on a daily basis. Nearly every organization represents a viable target.
In 2022, Temple University documented more than 1,100 ransomware incidents among critical infrastructure groups alone.
Every successful attack encourages ransomware groups to become even bolder and to set up even more sophisticated and potentially damaging or life-threatening attacks.
“The RVWP will allow CISA to provide timely and actionable information that will directly reduce the prevalence of damaging ransomware incidents affecting American organizations,” says CISA’s executive assistant director for cyber security, Eric Goldstein.
CISA’s scanning initiative represents the beginning of new federal cyber security efforts on behalf of critical infrastructure agencies.
The RVWP program’s rollout follows on the heels of a recent White House National Cybersecurity Strategy launch.
The Strategy notes that ransomware represents a threat to national security, public safety and economic prosperity. It also outlined steps that the federal government would take to bolster resilience.
U.S. CISA funding for 2023
President Joe Biden’s fiscal year 2024 budget request has proposed $3.1 billion in funding for CISA. This represents a $145 million increase to the agency’s current budget. Budgetary documents note that this includes $98 million for the implementation of the Cyber Incident Reporting for Critical Infrastructure Act.