The team logo
Daily Brief Changelog
v0.7

Article Details

Scrape Timestamp (UTC): 2024-05-07 20:02:40.179

Source: https://www.theregister.com/2024/05/07/cisas_ransomware_warnings/

Original Article Text

Click to Toggle View

CISA's early-warning system helped critical orgs close 852 ransomware holes. In the first year alone, that's saved us all a lot of money and woe. RSAC As ransomware gangs step up their attacks against healthcare, schools, and other US critical infrastructure, CISA is ramping up a program to help these organizations fix flaws exploited by extortionists in the first place. The US government's cybersecurity nerve center launched its Ransomware Vulnerability Warning Pilot scheme in January 2023, and during its first year the system sent out 1,754 notifications to entities operating internet-accessible vulnerable devices. The idea being that those orgs shut the identified holes ASAP to avoid being held to ransom. "We proactively look for these vulnerabilities, and make notifications to critical infrastructure organizations to let them know that the vulnerabilities in question are being exploited by ransomware threat groups, and that they should remediate those vulnerabilities as soon as possible," Gabe Davis, CISA's acting risk intelligence and operations section chief, told The Register in an interview you can watch below. Youtube Video According to the Homeland Security agency almost half (852, or 49 percent) of these notifications resulted in organizations either patching, taking systems briefly offline to fix the issue, or in some other way mitigating exploitable flaws. The pilot program came out of the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) that President Biden signed into law in March 2022. It's set to launch as a fully automated warning system by the end of next year. This is one of the many tools CISA offers to Americans to help them combat ransomware and other cyber threats, according to Davis. "In the spirit of NBA playoff season, I'm going to use the analogy of a full-court press," he said. "We're going to continue doing all the things to try to impact the capability of these threat actors to operate and make it financially and operationally difficult for them to execute on these organizations."

Daily Brief Summary

CYBERCRIME // CISA Enhances US Security Against Rising Ransomware Threats

CISA launched the Ransomware Vulnerability Warning Pilot in January 2023 to identify and notify organizations of vulnerabilities exploited by ransomware gangs.

In its first year, 1,754 notifications were sent out to entities with internet-exposed devices, aimed at closing security gaps quickly.

Resultingly, 852 notifications led to actions such as patching or temporary system shutdowns to mitigate risks.

This program is a direct result of the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) signed by President Biden in March 2022.

The pilot scheme is set to evolve into a fully automated warning system by the end of the next year.

The initiative is part of a broader strategy by CISA to combat cyber threats, using proactive measures to make it financially and operationally difficult for threat actors.

Acting section chief Gabe Davis likened CISA's comprehensive cybersecurity approach to a "full-court press" during the NBA playoff season, emphasizing relentless defense against cyber threats.