The US Cybersecurity and Infrastructure Security Agency (CISA) announced on Monday the creation of a new Ransomware Vulnerability Warning Pilot (RVWP) program.
Originating from the Critical Infrastructure Cyber Incident Reporting Act of 2022 (CIRCIA) and coordinated by the Joint Ransomware Task Force (JRTF), the RVWP allows CISA to identify flaws commonly associated with known ransomware exploits.
After discovering these vulnerabilities, the agency alerts critical infrastructure entities with the goal of enabling mitigation before ransomware incidents occur.
To identify entities vulnerable to these bugs, CISA relies on a variety of existing services, data sources, technologies, and authorities, including the Cyber Hygiene Vulnerability Scanning service.
Authorities have confirmed that they have notified 93 organizations running instances of the Microsoft Exchange Service about a previously exploited vulnerability called “ProxyNotShell.”
More information on ProxyNotShell can be found here: Over 100 CVEs Addressed in First Patch Tuesday 2023
“Ransomware attacks continue to cause unacceptable levels of damage to organizations across the country, including many target-rich and resource-poor entities like many school districts and hospitals,” said Eric Goldstein, CISA Executive Assistant Director of Cybersecurity.
“RVWP will enable CISA to provide timely, actionable information that can directly reduce the prevalence of damaging ransomware incidents affecting American organizations.”
Commenting on the news, Jamie Boote, Associate Principal Consultant at Synopsys, said that while RVWP is a good starting point for cybersecurity, it should be noted that problems and vulnerabilities rarely appear in isolation.
“Whenever an external scan finds a vulnerability, security teams use it as an opportunity to break the discovery-and-remediation loop, find out what caused that vulnerability to be released into production, and find similar vulnerabilities. We need to investigate how, and how to prevent it, in the future,” explained Boote.
“These scanning efforts are just the beginning for both federal cybersecurity efforts and teams […] on the receiving end of the vulnerability disclosure.”
The RVWP program came just weeks after the White House launched the National Cybersecurity Strategy.