CISA Launches Ransomware Vulnerability Warning Pilot

The goal of CISA's pilot is to prevent threat actors from accessing and deploying ransomware on their networks.

by Samiksha Jain, April 26, 2024


In response to this growing threat, the Cybersecurity and Infrastructure Security Agency (CISA) has launched the Ransomware Vulnerability Warning Pilot (RVWP). This initiative focuses on proactive risk reduction through direct communication with federal government; state, local, tribal, and territorial (SLTT) government; and critical infrastructure entities. The goal is to prevent threat actors from accessing and deploying ransomware on their networks.

Ransomware, a persistent threat to critical services, businesses, and communities worldwide, continues to evolve, causing costly and disruptive incidents. Recent industry reports estimate that businesses spend an average of $1.85 million to recover from a ransomware attack.

Moreover, a staggering 80% of victims who paid a ransom were targeted again by these criminals. The economic, technical, and reputational impacts of ransomware incidents pose significant challenges for organizations large and small.

CISA's Ransomware Vulnerability Warning Pilot 

Aligned with the Joint Ransomware Task Force, RVWP provides timely notifications to critical infrastructure organizations, allowing them to mitigate vulnerabilities and protect their networks and systems. By leveraging existing services, data sources, technologies, and authorities, CISA aims to reduce the attack surface and impact of ransomware.

A key component of the pilot is the Cyber Hygiene Vulnerability Scanning service, which monitors internet-connected devices for known vulnerabilities. This service, available to any organization, has proven highly effective in reducing risk and exposure. Organizations typically see a 40% reduction in risk within the first 12 months, with most experiencing improvements within the first 90 days.

By identifying exposed assets and vulnerabilities, Cyber Hygiene Vulnerability Scanning helps organizations manage risks that would otherwise go unnoticed. Specifically for the pilot, this service notifies organizations of vulnerabilities commonly associated with ransomware exploitation.

The Success of RVWP in 2023

In Calendar Year (CY) 2023, RVWP completed 1,754 notifications to entities operating vulnerable internet-connected devices. Following these notifications, CISA conducted regular vulnerability scans to assess mitigation efforts. Of the 1,754 notifications, 49% of vulnerable devices were either patched, protected by compensating controls, or taken offline after CISA's intervention.

CISA's regional teams collaborate closely with notified entities to ensure timely mitigation efforts, enhancing the overall effectiveness of the Ransomware Vulnerability Warning Pilot.

RVWP enables organizations across critical infrastructure sectors to strengthen their networks against known ransomware vulnerabilities.

By reducing the effectiveness of ransomware tools and procedures, the pilot increases operational costs for ransomware gangs and contributes to deterrence by denial.

Taking Action to #StopRansomware

CISA urges organizations to take proactive measures to protect against ransomware. These measures can include:

  1. Enroll in CISA Cyber Hygiene Vulnerability Scanning: This no-cost service helps organizations raise their cybersecurity posture and reduce business risk by identifying and mitigating vulnerabilities.
  2. Review the #StopRansomware Guide: Utilize the valuable checklist on how to respond to a ransomware incident and protect your organization.
  3. Report Ransomware Activity: Always report observed ransomware activity, including indicators of compromise and tactics, techniques, and procedures (TTPs), to CISA and federal law enforcement partners.

By partnering with CISA and implementing these measures, organizations can effectively combat ransomware and safeguard their digital assets and future.

