Ransomware notification

CISA to Prioritize Resource-Poor Organizations for Ransomware Vulnerability Warning Pilot

Gabriel Davis, an official with the Cybersecurity and Infrastructure Security Agency, said on Wednesday at FCW’s 2023 Cyber Summit that the agency will prioritize organizations without sufficient financial resources for cyber defense in the implementation of the Ransomware Vulnerability Warning Pilot program amid the rapid escalation of ransomware attacks primarily against critical infrastructure.

The Cyber Incident Reporting for Critical Infrastructure Act, which was signed into law by President Joe Biden in March 2022, mandated the establishment of RVWP to help secure the systems of critical infrastructure organizations from ransomware attacks and keep agencies up to date on possible attack targets to allow their security teams to implement appropriate measures, FCW reported.

Davis, the risk operations federal lead, said his team kicked off the pilot by sending warning notifications related to the ProxyNotShell vulnerability, which targeted Microsoft Exchange servers and left more than 60,000 of those servers susceptible to attacks.

CISA said many ransomware incidents are perpetrated through known vulnerabilities but most organizations are unaware that such vulnerabilities are present in their network. RVWP will warn critical infrastructure organizations and environments like hospitals and water systems about the vulnerabilities that may be used by ransomware threat actors.