CISA ransomware warning program set to fully launch by end of 2024 | #ransomware | #cybercrime

The Cybersecurity and Infrastructure Security Agency plans to fully launch by year’s end an automated vulnerability warning program to alert organizations that are running software with vulnerabilities being exploited by ransomware gangs, the agency’s director, Jen Easterly, said Wednesday.

Currently running in a pilot phase, the program is mandated by the Cyber Incident Reporting for Critical Infrastructure Act of 2022 and aims to reduce the number of ransomware attacks by getting the owners and operators of vulnerable systems to patch them before they can be infiltrated. 

“The warning pilot is focused on reducing the prevalence of ransomware by using our vulnerability scanning tools to let businesses know if they have vulnerabilities that need to be patched,” Easterly said at an event hosted by the Institute for Security and Technology.

Easterly said that the agency has issued 2,049 warnings since the pilot was launched in January of last year. It has since expanded to include CISA’s database of known exploited vulnerabilities as well as common misconfigurations that can be linked to ransomware attacks. 

Though breaches carried out by state-backed hackers tend to garner the most attention, ransomware attacks are arguably a more immediate, urgent threat. A recent ransomware attack on the payment processor Change Healthcare crippled parts of the U.S. health care system, and on Monday the company warned  that the sensitive and personal health information stolen in the breach could impact a “substantial portion” of the U.S. public.

In order to be alerted, Easterly said that organizations need to be signed up for CISA’s free cyber hygiene scanning tool but said the agency might also reach out if vulnerable devices are found on an internet-scanning service, such as Shodan. She said CISA would use its administrative subpoena power to alert organizations with vulnerable devices that are internet-facing. Around 7,000 organizations have signed up for the pilot.

Written by Christian Vasquez

Christian covers industrial cybersecurity for CyberScoop News. He previously wrote for E&E News at POLITICO covering cybersecurity in the energy sector. Reach out:  christian.vasquez at cyberscoop dot com

Source link


National Cyber Security