DHS Cybersecurity and Critical Infrastructure Webinar – Round 2

 

 

 

For those of you who were unable to participate in the first webinar providing updates regarding the Presidential Executive Order 13800 on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, the National Protection and Programs Directorate (NPPD) would like to invite you to join a second session of the webinar at 1:00 p.m. EDT on Tuesday, June 27.  This second session of the webinar will cover the same updates, focusing, in particular on Section 2, titled Cybersecurity of Critical Infrastructure, as well as provide participants the opportunity to ask questions.

Advance registration is not required.

To Join the Meeting:  https://share.dhs.gov/cybersecurity_eo_update_27june2017/

Dial –In Conference Bridge:  1-888-324-0239

Participant Passcode: 3990134#

The Conference line will open 30 minutes prior to the scheduled start time of the call.

If you have any questions or concerns about this matter, contact the NICC at 202-282-9201 or NICC@hq.dhs.gov.

October is National Cyber Security Awareness Month

Plan Ahead!

October is National Cyber Security Awareness Month (NCSAM), a collaborative effort between DHS, the National Cyber Security Alliance, and other public and private partners to raise awareness about the importance of cybersecurity and individual cyber hygiene.

Each week of NCSAM is dedicated to a specific cybersecurity theme, with related activities and events happening across the country:

  • October 2-6, 2017: Simple Steps to Online Safety. Week 1 will address the top consumer cybersecurity concerns, provide simple steps to protect against these concerns, and help the public understand what to do if they fall victim to cybercrime.
  • October 9-13, 2017: Cybersecurity in the Workplace is Everyone’s Business. Week 2 will showcase how organizations can protect against the most common cyber threats. The week will also look at resources to help organizations strengthen their cyber resilience, including the Cybersecurity Framework.
  • October 16-20, 2017: Today’s Predictions for Tomorrow’s Internet. Week 3 will remind citizens that their sensitive, personal information is the fuel that makes smart devices work. While there are tremendous benefits of this technology, it is critical to understand how to use these cutting-edge innovations in safe and secure ways.
  • October 23-27: The Internet Wants YOU:  Consider a Career is Cybersecurity.  Week 4 will encourage students and other job seekers to explore cybersecurity careers.  Key influencers – like parents, teachers, and state and local officials – will learn more about this growing field and how to engage youth in pursuing cybersecurity careers.
  • October 30-31:  Protecting Critical Infrastructure from Cyber Threats.  Week 5 will look at cybersecurity in relation to keeping our traffic lights, running water, phone lines, and other critical infrastructure secure.

 

DHS Shares Cyber Security Contact Information

Much like the Protective Security Advisors that have been operating within the Water Sector for several years, DHS is now working to develop a cadre of advisors that specialize in cyber security.  At present, their numbers are fewer than their Protective Security counterparts, but they are growing in numbers.  Here’s who they are and how to reach them:

 

CSA (Role / Title) Location Name (Last, First MI) Email DHS Cell Phone
     
Chief of Field Operations/Supervisory CSA Region 3 – Pittsburgh, PA Willke, Bradford J. bradford.willke@hq.dhs.gov 202-380-5899
Sr Cyber Security Advisor, Western U.S. Region 9 – Los Angeles, CA McElroy, Deron deron.t.mcelroy@hq.dhs.gov 213-310-1852
Cyber Security Advisor, Region I Region 1 – Boston, MA Vacant  
Cyber Security Advisor, Region II Region 2 – New York, NY Richard Jr., Richard S. richard.richard@hq.dhs.gov 631-241-3662
Cyber Security Advisor, Region III Region 3 – Philadelphia, PA Vacant  
Cyber Security Advisor, Region IV Region 4 – Atlanta, GA Walker, Klint klint.walker@hq.dhs.gov 404-895-1127
Cyber Security Advisor, Region V Region 5 – Chicago, IL Enriquez, Antonio P. antonio.enriquez@hq.dhs.gov 202-809-7894
Cyber Security Advisor, Region VI Region 6 – Dallas, TX Adams, Chad E. chad.adams@hq.dhs.gov 202-380-6024
Cyber Security Advisor, Houston-District Region 6 – Houston, TX Reeves, George george.reeves@hq.dhs.gov 281-714-1259
Cyber Security Advisor, Region VII Region 7 – Kansas City Selected – Awaiting SSO  
Cyber Security Advisor, Region VIII Region 8 – Denver, CO Rinerson, Harley harley.rinerson@hq.dhs.gov 202-809-3314
Cyber Security Advisor, Region IX Region 9 – San Francisco, CA Vacant  
Cyber Security Advisor, Region X Region 10 – Seattle, WA Vacant  
Cyber Security Advisor, Region IX Region 9 – Los Angeles, CA Edmonds, Arthur arthur.edmonds@hq.dhs.gov 415-793-7147

 

 

Ransomware Recommendations Update

Our colleagues at DHS have informed us that Microsoft has provided specific risk management steps for WannaCry at the following location:  https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

WannaCry continues to pose significant risks and virtually any organization is at potential risk of attempted WannaCry propagation.

Ransomware Response Recommendations

Our colleagues at DHS recommend that if any of your water systems are victims of a ransomware attack, they should take the following steps:

  1. Please contact your FBI Field Office Cyber Task Force (fbi.gov/contact-us/field/field-offices) immediately to report a ransomware event and request assistance. These professionals work with state and local law enforcement and other federal and international partners to pursue cyber criminals globally and to assist victims of cyber-crime.
  2. Please report cyber incidents to the US-CERT (us-cert.gov/ncas) and FBI’s Internet Crime Complaint Center (www.ic3.gov).

For more information on cyber protections and the WannaCry Ransomware:

Microsoft Ending Support for Windows Vista

Editor’s Note:  This information was provided by our colleagues at the WaterISAC.

If you know of any water systems still using the Windows Vista operating system, please let them know about the following ASAP.

“All software products have a lifecycle.  After April 11, 2017, Microsoft is ending support for the Windows Vista operating system.  After this date, this product will no longer receive security updates, non-security hotfixes, free or paid assisted support options, or online technical content updates from Microsoft.  Computers running the Windows Vista operating system will continue to work even after support ends.  However, using unsupported software may increase the risks of viruses and other security threats.  Users and administrators are encouraged to upgrade to a currently supported operating system.  For more information, see Microsoft’s Vista support and product lifecycle articles.”

DHS Hosts National Cyber Incident Response Plan Webinars

You are invited to attend any one of four webinars hosted by DHS to learn more about and share your thoughts on the newly released National Cyber Incident Response Plan (NCIRP).  This is an essential component of DHS’s mission to strengthen the security and resilience of the Nation by working to improve the ability of all to manage cyber incidents.

You do not need to register in advance, on the day of the event, just use the links provided in the information below.  Each one hour webinar session will cover the same information.

NCIRP Stakeholder Webinar #1

DATE:              Monday March 27, 2017

TIME:               3:00-4:00PM (eastern)

CONNECT:      https://share.dhs.gov/r3fctx11w2x/

DIAL:               1-800-320-4330/Passcode:  372094

 

NCIRP Stakeholder Webinar #2

 DATE:              Tuesday March 28, 2017

TIME:               3:00-4:00PM (eastern)

CONNECT:      https://share.dhs.gov/r8bvryj2nu9/

DIAL:               1-800-320-4330/Passcode: 372094

 

NCIRP Stakeholder Webinar #3

DATE:              Wednesday March 29, 2017

TIME:               3:00-4:00PM (eastern)

CONNECT:      https://share.dhs.gov/r6cmtu0qngo/

DIAL:               1-800-320-4330/Passcode 372094

 

NCIRP Stakeholder Webinar #4

DATE:              Thursday March 30, 2017

TIME:               3:00-4:00PM (eastern)

CONNECT:      https://share.dhs.gov/r22skziadr4/

DIAL:               1-800-320-4330/Passcode 372094

This Plan applies to cyber incidents and more specifically significant cyber incidents that are likely to result in demonstrable harm to the national security interests, foreign relations, or economy of the United States or to the public confidence, civil liberties, or public health and safety of the American people.  We plan to discuss how the NCIRP can be leveraged within your communities.

The NCIRP:

  • Describes a national approach to dealing with cyber incidents, and the important role that the private sector, States, and multiple federal agencies play in responding to incidents and how the actions of all fit together for an integrated response;
  • Reflects and incorporates lessons learned from exercises and real U.S. incidents and policy updates, such as Presidential Policy Directive (PPD)-41 on Cyber Incident Coordination Policy and the National Cybersecurity Protection Act of 2014; and
  • Reinforces and describes the roles of the lead Federal agencies during a significant cyber incident

To view the final NCIRP, visit https://www.us-cert.gov/ncirp

The Internet of Things – Wait…What?

Editor’s Note:  Many of you may already be quite conversant with the “Internet of Things” but I had to go looking.  Why?  Because, as a technologically advanced protocol for connectedness, it can be very useful.  However, it also has the potential to affect water system operations in a not so useful manner.  By the way, the Internet of Things is often referred to as IoT.

The following are excerpts from an article written by Jacob Morgan for Forbes Magazine in 2014.

“The “Internet of things” (IoT) is becoming an increasingly growing topic of conversation both in the workplace and outside of it. It’s a concept that not only has the potential to impact how we live but also how we work. But what exactly is the “Internet of things” and what impact is it going to have on you, if any?

Simply put, this is the concept of basically connecting any device with an on and off switch to the Internet (and/or to each other). This includes everything from cellphones, coffee makers, washing machines, headphones, lamps, wearable devices and almost anything else you can think of.  This also applies to components of machines, for example a jet engine of an airplane or the drill of an oil rig.  The analyst firm Gartner says that by 2020 there will be over 26 billion connected devices…The IoT is a giant network of connected “things” (which also includes people).  The relationship will be between people-people, people-things, and things-things.

How Does This Impact You?

The new rule for the future is going to be, “Anything that can be connected, will be connected.” But why on earth would you want so many connected devices talking to each other? There are many examples for what this might look like or what the potential value might be…What if your alarm clock wakes up you at 6 a.m. and then notifies your coffee maker to start brewing coffee for you? What if your office equipment knew when it was running low on supplies and automatically re-ordered more?  What if the wearable device you used in the workplace could tell you when and where you were most active and productive and shared that information with other devices that you used while working?  On a broader scale, the IoT can be applied to things like transportation networks: “smart cities” which can help us reduce waste and improve efficiency for things such as energy use; helping us understand and improve how we work and live.

Security is a big issue that is oftentimes brought up. With billions of devices being connected together, what can people do to make sure that their information stays secure? Will someone be able to hack into your toaster and thereby get access to your entire network? The IoT also opens up companies all over the world to more security threats. Then we have the issue of privacy and data sharing. This is a hot-button topic even today, so one can only imagine how the conversation and concerns will escalate when we are talking about many billions of devices being connected. Another issue that many companies specifically are going to be faced with is around the massive amounts of data that all of these devices are going to produce. Companies need to figure out a way to store, track, analyze and make sense of the vast amounts of data that will be generated.

So What Now?

Conversations about the IoT are (and have been for several years) taking place all over the world as we seek to understand how this will impact our lives. We are also trying to understand what the many opportunities and challenges are going to be as more and more devices start to join the IoT. For now the best thing that we can do is educate ourselves about what the IoT is and the potential impacts that can be seen on how we work and live.”

Now that you have a better understanding of IoT, here’s some more helpful information from DHS…

While the IoT can provide efficiency, convenience, and interactivity features that are attractive, the IoT can also be vulnerable to manipulation by malicious actors, as observed in recent distributed denial of service (DDoS) attacks. US-CERT recommends reviewing the Strategic Principles for Securing the Internet of Things to learn more.

 

TEEX Offers Cyber Courses

Our colleagues at TEEX, the Engineering Extension Service at Texas A&M University, have posted their latest schedule for upcoming cyber security courses.  Click on the course name for more information.

Date Location
Promoting Community Cybersecurity
AWR-135
February 16, 2017 Albuquerque, New Mexico
Essentials of Community Cybersecurity
AWR-136
November 8, 2016 Sanford, Florida
November 8, 2016 Westminster, California
December 6, 2016 Los Angeles, California
February 15, 2017 Albuquerque, New Mexico
April 11, 2017 Nashville, Tennessee
June 6, 2017 Egg Harbor, NJ
Community Preparedness for Cyber Incidents
MGT 384
November 8-9, 2016 Sanford, Florida
November 8-9, 2016 Westminster, California
December 6-7, 2016 Los Angeles, California
April 11-12, 2017 Nashville, Tennessee
June 6-7, 2017 Egg Harbor, New Jersey
Community Cybersecurity Exercise Planning
MGT 385
December 08-09 2016 Los Angeles, CA
December 13-14, 2016 Dallas, TX
December 8-9, 2016 Salem, Oregon
February, 21-22, 2017 Nashville, Tennessee

 

 

 

WaterISAC Shares Updated Cyber Measures

Our colleagues at the WaterISAC have recently updated their 10 Basic Cybersecurity Measures:  Best Practices to Reduce Exploitable Weaknesses and Attacks.  It was developed in partnership with the U.S. Department of Homeland Security ICS-CERT, the FBI, and the Information Technology ISAC.  As you read through, note that each recommendation is accompanied by links to corresponding technical resources.   The updated guide is available here https://www.waterisac.org/sites/default/files/public/10_Basic_Cybersecurity_Measures-WaterISAC_Oct2016%5B2%5D.pdf