Earlier this year, CISA (Cybersecurity and Infrastructure Security Agency) launched a new program to help protect critical infrastructure institutions by safeguarding their information systems from ransomware cybercriminals. The two main purposes of this new program, called Ransomware Vulnerability Warning Pilot (RVWP), are to identify critical infrastructure entities at risk for known vulnerabilities and to help remediate these vulnerabilities before the entities get attacked.
The program comes as a response to recent incidents where attackers have targeted critical infrastructure operators in the U.S., disrupting operations and causing significant economic impact. These attacks have become increasingly sophisticated, targeting vulnerabilities in both IT and operational technology (OT) systems. This has resulted in disturbances to essential services, including the healthcare, energy, transportation, and financial sectors. As a result, CISA has called on critical infrastructure operators to take steps to mitigate the risk of attack by implementing recommended security measures and developing response plans.
This is all part of a larger effort by the U.S. government to address the growing threat of ransomware attacks, which have been on the rise in recent years. The Biden administration has made cybersecurity a top priority and is pushing for increased collaboration between the public and private sectors to address the issue.
CISA recommends that critical infrastructure operators take a risk-based approach to prioritize their security efforts, focusing on securing their most critical systems first. It is advised the following measures are taken to protect against and minimize the impact of any potential attacks.
- Regularly update software and hardware systems, including network devices and IoT devices, with the latest security patches and updates.
- Conduct regular vulnerability scans and assessments to identify and address potential security weaknesses.
- Implement multi-factor authentication to reduce the risk of unauthorized access to critical systems.
- Create robust backup and recovery plans to enable rapid recovery of critical systems in the event of a ransomware attack.
- Conduct regular security awareness training for employees to educate them about the risks of ransomware attacks and how to avoid falling victim to phishing scams.
This is not a complete list of measures that need to be taken, but it is definitely a good starting point when starting to build a robust cyber defense strategy. If you need more guidance, Alvaka is available 24×7 at (949) 428-5000 to answer any questions or help you in your efforts.