"Over 850 Vulnerable Devices Secured Through CISA Ransomware Program"

According to the Cybersecurity and Infrastructure Security Agency (CISA), the US government and critical infrastructure entities were sent 1754 ransomware vulnerability notifications under the Ransomware Vulnerability Warning Pilot (RVWP) program in 2023, resulting in 852 vulnerable devices being secured or taken offline. The highest number of alerts were sent to government facilities (641), which encompasses a range of federal, state, and local government organizations, including schools and higher education facilities. Healthcare and public health received the second highest number of ransomware vulnerability notifications, at 440. This was followed by energy (173), financial services (127), transportation (83), and critical manufacturing (69). CISA noted that close to half (49%) of all of vulnerable devices were either patched, implemented a compensating control, or taken offline after receiving a RVWP notification. CISA announced the RVWP initiative in March 2023. It aims to reduce the risk of ransomware attacks on government and critical infrastructure organizations by proactively warning them to mitigate vulnerabilities commonly associated with known ransomware exploitation.

Infosecurity Magazine reports: "Over 850 Vulnerable Devices Secured Through CISA Ransomware Program"