The Cybersecurity and Infrastructure Security Agency (CISA) published a blog post on agency efforts to reduce ransomware threat and encourage participation in cyber hygiene vulnerability scanning.

Ransomware continues to evolve as a scourge on critical services, businesses, and communities worldwide, causing costly incidents that are increasingly destructive and disruptive. Based on recent industry reporting, it costs businesses an average of $1.85 million to recover from a ransomware attack. In addition, 80 percent of victims who paid a ransom were targeted and victimized again by these cybercriminals. The economic, technical, and reputational impacts of ransomware incidents, throughout the initial disruption and, at times, extended recovery, continue to pose a challenge for organizations large and small.

To directly reduce the attack surface and impact of ransomware attacks, CISA’s Ransomware Vulnerability Warning Pilot (RVWP) focuses on proactive risk reduction through direct communication with federal government, state, local, tribal, territorial (SLTT) government, and critical infrastructure entities to prevent threat actors from accessing and deploying ransomware on their networks. Aligned with the Joint Ransomware Task Force, this pilot provides timely notification to critical infrastructure organizations to mitigate vulnerabilities and protect their networks and systems by using existing services, data sources, technologies, and authorities.

A key service used for warning organizations of ransomware-related vulnerabilities is CISA’s Cyber Hygiene Vulnerability Scanning, which monitors internet-connected devices for known vulnerabilities and is available to any organization. Organizations participating in this no-cost service typically reduce their risk and exposure by 40 percent within the first 12 months and most see improvements in the first 90 days. Because the service looks for exposed assets, whether planned or inadvertent, it identifies vulnerabilities that would otherwise go unmanaged. For its use in support of RVWP, it informs organizations of those vulnerabilities commonly associated with known ransomware exploitation.

Giving organizations an opportunity to mitigate known vulnerabilities on their internet- exposed devices also significantly helps organizations reduce their likelihood of a cyber incident. Currently, CISA’s Cyber Hygiene Vulnerability Scanning has more than 7,600 organizations across all sectors and has identified more than 3 million known vulnerabilities for participants since 2022. By partnering with CISA in this service, you are not just securing your digital assets; you are making a no-cost, low-risk strategic choice to achieve measurable improvements and proactively protect your business’s reputation and future!

Organizations are urged to take the following actions to help #StopRansomware:

• Enroll in the no-cost CISA Cyber Hygiene Vulnerability Scanning.
• Review the #StopRansomware Guide, which includes a valuable and useful checklist
  on how to respond to a ransomware incident and protect your organization.
• Always report observed ransomware activity, including indicators of compromise (IOCs)
  and tactics, techniques, and procedures (TTPs), to CISA, the NJCCIC, and our federal
  law enforcement partners.