Expert Insights: Joint Cybersecurity Advisory Announced – CISA, FBI, EPA, NSA

By   ISBuzz Team
Writer , Information Security Buzz | Oct 18, 2021 02:57 am PST


The FBI, CISA, EPA and NSA announced yesterday a cybersecurity advisory that details ongoing cyber threats to U.S. water and wastewater systems. The advisory highlights ongoing malicious cyber activity targeting the IT and OT networks, systems, and devices of U.S. water and wastewater sector facilities, threatening the ability to provide clean, potable water to, and effectively manage the wastewater of, their communities.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Bill Lawrence
Bill Lawrence , CISO
October 18, 2021 10:53 am

<p>It is heartening to see the FBI, CISA, EPA, and the NSA working together with the Water ISAC and Dragos to put this alert together. Adversaries are looking to use spearphishing (targeted phishing) and exploits against unpatched software or outdated firmware to execute these attacks. From a people, processes, and technology viewpoint, user training should have been the number one recommendation so as to recognize phishing attempts, thwart ransomware, or respond rapidly if it takes hold, rather than the last bullet in the ‘additional mitigations’ strategy and buried near the end. I had not heard of the Department of State’s Rewards for Justice (RFJ) program; reporting foreign government malicious activity against U.S. critical infrastructure could earn up to $10 million.  That sounds so much better than recent legislation to penalize victims of ransomware for not reporting in a timely manner or when payouts are made.</p>

Last edited 2 years ago by Bill Lawrence

Recent Posts

Would love your thoughts, please comment.x