The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
WaterISAC is sharing this for member awareness. The City of Wichita reported a ransomware incident that started over the weekend and shut down much of the city’s core services which have yet to be restored. As reported, the incident affected a wide portion of public services including the city’s airport, public transport, and water department. It appears this incident has only impacted the water account billing systems, which is highly common with cyber incidents at cities/municipalities.
CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – May 7, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
The FBI, the Department of State, and the NSA jointly issued an advisory to highlight attempts by Democratic People’s Republic of Korea (DPRK, a.k.a. North Korea) Kimsuky cyber actors to exploit improperly configured DNS Domain-based Message Authentication, Reporting and Conformance (DMARC) record policies to conceal social engineering attempts.
WaterISAC is sharing this for member awareness. Utilities using Dropbox Sign (with or without an account) are encouraged to review and address accordingly.
Today, Andrew Scott, Associate Director for China Operations at CISA, drew more attention to the threat posed by China on critical infrastructure in a blog post.
Yesterday, CISA and a cadre of U.S.
Earlier this week,DHS marked the 180-day mark of President Biden’s Executive Order (EO) 14110, “Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (AI)” by unveiling new resources to address threats posed by AI including:
In a recent blog post, CISA staff drew awareness to CISA’s Ransomware Vulnerability Warning Pilot (RVWP), a tool used to proactively reduce risk through direct communication with federal government, state, local, tribal, territorial (SLTT) government, and critical infrastructure entities to help combat ransomware.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
