The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
July 21, 2021
The Cybersecurity and Infrastructure Security Agency (CISA) updated the Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department advisory with a caveat providing clarification on the original indicators of compromise (page 7).
July 19, 2021
The Homeland Security Systems Engineering and Development Institute, sponsored by the Department of Homeland Security and operated by MITRE, has released the 2021 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list. At first blush, this list may seem more relevant to the IT/business applications side of your utility – and you aren’t wrong.
Pulse Connect Secure (PCS) SSL VPN - Vulnerabilities being Actively Exploited - Updated July 22, 2021
Reminder: If your utility uses Ivanti Pulse Connect Secure (PCS) SSL VPN, WaterISAC highly recommends tracking and reviewing current notifications/alerts/advisories for important developments.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
In the survey conducted by the Water Sector Coordinating Council, Cybersecurity: 2021 State of the Sector, participants were asked about concerns regarding the exchange of organizational information on cybersecurity threats, vulnerabilities, mitigation, and security incidents with external organizations. While over 30% identified no barriers, 60% noted lack of know-how (37.76%) and lack of trust around maintaining confidentiality of information shared (22.39%).
Today the Cybersecurity and Infrastructure Security Agency (CISA) launched a webpage with links to advisories and other reports on significant cyber-intrusion campaigns targeting industrial control systems (ICS). The first of the reports is new, providing details on a Chinese state-sponsored activity against U.S. oil and nature gas pipeline companies from 2011 to 2013. Despite the period of this activity, CISA notes the tactics, techniques, and procedures remain relevant to help network defenders protect against intrusions.
The Federal Emergency Management Agency’s (FEMA’s) Emergency Management Institute (EMI) has released its 2022 schedule for the Virtual Tabletop Exercise (VTTX) Program. Each VTTX is four hours in length and will allow participants to apply the Strategic Priorities to a realistic scenario in a facilitated, no fault, hazard-specific exercise discussion. Scenarios this year include:
Attention: Environments that support printing through all supported (and Extended Security Update) versions of Windows OS are encouraged to regularly track and address updates to this vulnerability.
Update July 19, 2021
CISA launched a StopRansomware initiative to bring greater awareness to this global cyber threat epidemic. The newly refreshed page has been rebranded and reorganized, and offers consolidated ransomware resources from all federal government agencies. While CISA did register a separate domain (stopransomware.gov) – presumably so they control it and so it’s not taken over by miscreants – the new domain redirects to a cisa.gov root domain (at least for the moment).
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
