US cybersecurity officials are unveiling a new program to warn critical American companies that their systems are vulnerable to ransomware attacks before the hackers can successfully strike.
The new federal program – details of which were shared exclusively with CNN – is needed because “the pace and the impact of (ransomware) intrusions are still unacceptable,” said Eric Goldstein, a senior official at the US Cybersecurity and Infrastructure Security Agency.
Ransomware attacks, like the 2021 incident that temporarily shut down one of America’s largest fuel pipelines, have disrupted key services important to American life and made the issue a national and economic security concern for the Biden administration.
But federal officials and private researchers have sometimes struggled in recent years to get in touch with key organizations like hospitals or universities in the crucial window between when a hacker gains access to a network and when they lock up the network and demand a multimillion-dollar ransom.
The new CISA program is trying to change that. So far in 2023, the agency claims it has notified about 60 organizations in key sectors like healthcare and water that they could fall victim to ransomware. Many were able to prevent their systems from being encrypted, Goldstein said. In other cases, he said, “we got there in time to help, but not in time to prevent (the hackers) from taking any action.”
The program is straightforward and relies on backchannels between researchers, government officials and potential victims.
Many of the early warning signs of a potential ransomware attack are public, such as a vulnerable computer at an organization that is exposed to the internet. CISA has an email tip line that outside cybersecurity experts can use to flag when they see such a vulnerability, and the agency then rushes to get in touch…