Ransomware Resilience – CISA Announces Ransomware Vulnerability Warning Pilot

CISA has announced the establishment of the Ransomware Vulnerability Warning Pilot (RVWP). Through the RVWP, CISA will determine vulnerabilities commonly associated with known ransomware exploitation and warn critical infrastructure entities of those vulnerabilities. The goal of the advanced warning is to help organizations proactively implement mitigation before a ransomware incident occurs. The RVWP will identify organizations with internet-accessible vulnerabilities commonly associated with known ransomware actors by using existing services, data sources, technologies, and authorities, including their free Cyber Hygiene Vulnerability Scanning service. CISA notifications will contain key information regarding the vulnerable system, such as the manufacturer and model of the device, the IP address in use, how CISA detected the vulnerability, and guidance on how the vulnerability should be mitigated. Read more about the RVWP at Stop Ransomware.