The U.S. Cybersecurity and Infrastructure Agency (CISA) launched a pilot program which aims to help critical infrastructure entities better protect their systems against ransomware attacks by fixing exploitable vulnerabilities in their internet-facing systems.
According to The HIPAA Journal, the Ransomware Vulnerability Warning Pilot (RVWP) program is authorized under the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) of 2022 and commenced on January 30, 2023. Under the program, CISA conducts scans to determine if Internet-exposed systems contain vulnerabilities that could potentially be exploited by ransomware actors to gain access to their networks. Alerts are then sent to those entities by CISA’s regional cybersecurity personnel to inform them that vulnerabilities exist, which will allow timely action to be taken to fix the flaws before they can be exploited by ransomware gangs or other malicious actors. CISA says critical infrastructure entities may be unaware that they have exploitable vulnerabilities in their systems and may only discover unpatched vulnerabilities once they have been exploited in a ransomware attack. CISA said the RVWP program leverages existing services, data sources, technologies, and authorities including CISA’s Cyber Hygiene Vulnerability Scanning Service and the Administrative Subpoena Authority granted to CISA under Section 2009 of the Homeland Security Act of 2022.