[LAUREN TAYLOR]
Ransomware attacks wreak havoc on organizations of all sizes, leaving a devastating trail in their wake. Who is the culprit? Malicious cyber attackers, businesses and organizations exploiting vulnerabilities are unaware of it.
To combat this, the Cybersecurity and Infrastructure Security Agency, part of the Department of Homeland Security, launched a ransomware vulnerability alert pilot. This program alerts organizations to potential ransomware threats, potentially saving them millions of dollars in damages.
For example, UnitedHealth Group suffered a ransomware attack earlier this year that caused a nationwide health service outage. The attack cost the company $872 million in losses. Hackers allegedly stole 6 terabytes of his patient data, and a ransomware group demanded a $22 million ransom from United Health for him.
Jen Easterly
Director | Cybersecurity and Infrastructure Security Agency
“We have normalized the fact that we are shifting the burden of cybersecurity to the individuals and small businesses least equipped to bear it. We have normalized this unusually rigged incentive alignment that prioritized speed to market, cost savings, and superior features.”
[LAUREN TAYLOR]
By remediating these weaknesses, organizations can significantly reduce the risk of falling prey to cyber extortionists and avoid the costly consequences that follow.
The Ransomware Vulnerability Alert Pilot Program is currently in the pilot phase with 7,000 organizations and aims to be fully operational by the end of 2024.
Here's how it works: CISA identifies vulnerabilities, alerts participating organizations, and provides them with the information they need to patch their systems and prevent attacks.
But privacy advocates have raised concerns about CISA's introduction of administrative subpoenas, one of the program's tools.
A review of CISA's procedures in 2022 showed that CISA can issue subpoenas to organizations or individuals to provide information on internet-based systems without a court order. These subpoenas do not require judicial review. Also, you cannot opt out or refuse.
Furthermore, subpoenas can be secretly issued without the knowledge or consent of the targeted individual or organization. If CISA discovers a suspected cybersecurity-related incident, it can store the personal information it finds for six months.
CISA ensures that its employees promptly delete personally identifiable information according to established procedures. However, the lack of judicial oversight and the secretive nature of these agents have raised concerns about potential privacy violations and abuses of power.
CISA offers its own cybersecurity tools and has begun a process for organizations to submit their own free tools and services for the public and private sectors.
