Cybersecurity

Cyber Resilience – Impact on National Security in the Face of Government Shutdowns

In a recent report from Forbes, the nation's cybersecurity was in a tight spot when Congress passed a bill to keep the government running for the next 45 days. A government shutdown could have caused problems for many government functions, including those responsible for protecting the country from cyberattacks. Depending on how long the shutdown lasted, it could have led to a crisis for companies and organizations across the country.

Read more about Cyber Resilience – Impact on National Security in the Face of Government Shutdowns

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – October 3, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.

Alerts, Updates, and Bulletins:

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – October 3, 2023

NSA Releases Guidance on Acceptance Testing for Supply Chain Risk Management

The National Security Agency (NSA) has released the Cybersecurity Information Sheet (CSI) “Procurement and Acceptance Testing Guide for Servers, Laptops, and Desktop Computers,” encouraging U.S. government departments and agencies operating National Security Systems (NSS) to implement a robust supply chain risk management strategy.

Read more about NSA Releases Guidance on Acceptance Testing for Supply Chain Risk Management

Joint Cybersecurity Advisory – People's Republic of China-Linked Cyber Actors Hide in Router Firmware

WaterISAC regularly provides awareness of recent CISA reporting. While direct relevance to your utility/organization on the details of each report may vary, activity alerts like this are practical for general awareness and greater understanding of active threats and adversary capabilities.

Read more about Joint Cybersecurity Advisory – People's Republic of China-Linked Cyber Actors Hide in Router Firmware

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – September 28, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Three Industrial Control Systems Advisories

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – September 28, 2023

CISA Launches National Public Service Announcement Campaign Encouraging Americans to Take Steps to Keep Themselves and Their Families Safe Online

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the launch of “Secure Our World,” a nationwide cybersecurity public awareness campaign to educate all Americans on how to stay safe online.

Read more about CISA Launches National Public Service Announcement Campaign Encouraging Americans to Take Steps to Keep Themselves and Their Families Safe Online

ZeroFont Phishing Technique Targets Automated Email Security Platforms

Bleeping Computer has written an article discussing the ZeroFont phishing technique and its implications for network defense.

Read more about ZeroFont Phishing Technique Targets Automated Email Security Platforms

Supplemental Cyber Highlights – September 28, 2023

The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

ICS/OT/SCADA Threats & Vulnerabilities

Read more about Supplemental Cyber Highlights – September 28, 2023

Insider Threat Awareness – Costs of Insider Threat Incident and Recovery Time on the Rise

The cost of an insider threat compromising an organization is at the highest it’s ever been, according to a recent report from the cybersecurity firm DTEX Systems. The report also found organizations are spending more time to recover from an insider threat incident.

Read more about Insider Threat Awareness – Costs of Insider Threat Incident and Recovery Time on the Rise

Security Awareness – Rockwell Study Reveals Significant Increase in Attacks on Critical Infrastructure OT/ICS Systems

A recently published study by Rockwell Automation, “Anatomy of 100+ Cybersecurity Incidents in Industrial Operations,” revealed OT/ICS security incidents have increased significant over the past few years and a large majority of the attacks were perpetrated by state-affiliated threat actors, among other notable findings.

Read more about Security Awareness – Rockwell Study Reveals Significant Increase in Attacks on Critical Infrastructure OT/ICS Systems

You are here

Cybersecurity

Cyber Resilience – Impact on National Security in the Face of Government Shutdowns

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – October 3, 2023

NSA Releases Guidance on Acceptance Testing for Supply Chain Risk Management

Joint Cybersecurity Advisory – People's Republic of China-Linked Cyber Actors Hide in Router Firmware

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – September 28, 2023

CISA Launches National Public Service Announcement Campaign Encouraging Americans to Take Steps to Keep Themselves and Their Families Safe Online

ZeroFont Phishing Technique Targets Automated Email Security Platforms

Supplemental Cyber Highlights – September 28, 2023

Insider Threat Awareness – Costs of Insider Threat Incident and Recovery Time on the Rise

Security Awareness – Rockwell Study Reveals Significant Increase in Attacks on Critical Infrastructure OT/ICS Systems

Pages

You are here

Cybersecurity

Pages

Footer Email Signup