CISA and NSA Publish Joint Cybersecurity Advisory on Control System Defense

09/22/2022 10:59 AM EDT

Original release date: September 22, 2022

CISA and the National Security Agency (NSA) have published a joint cybersecurity advisory about control system defense for operational technology (OT) and industrial control systems (ICSs). Control System Defense: Know the Opponent is intended to provide critical infrastructure owners and operators with an understanding of the tactics, techniques, and procedures (TTPs) used by malicious cyber actors. This advisory builds on NSA and CISA 2021 guidance provided to stop malicious ICS activity against connect OT, and 2020 guidance to reduce OT exposure.

CISA and NSA encourage critical infrastructure owners and operations to review the advisory, [Control System Defense: Know the Opponent], and apply the recommended mitigations and actions. For more information on CISA’s resources and efforts to improve ICS cybersecurity, visit CISA’s role in industrial control systems webpage.

This product is provided subject to this Notification and this Privacy & Use policy.

Cisco Releases Security Update for Multiple Products

08/11/2022 12:03 PM EDT

Original release date: August 11, 2022

Cisco has released a security update to address a vulnerability affecting Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software. This vulnerability could allow a remote attacker to obtain sensitive information. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

CISA encourages users and administrators to review the following Cisco advisory and apply the necessary updates:
•    Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz

This product is provided subject to this Notification and this Privacy & Use policy.

NSA Best Practices for Selecting Cisco Password Types

02/17/2022 11:41 AM EST

Original release date: February 17, 2022

The National Security Agency (NSA) has released a Cybersecurity Information (CSI) sheet with guidance on securing network infrastructure devices and credentials. Cisco devices are used globally to secure network infrastructure devices, including across the Department of Defense, National Security Systems, and the Defense Industrial Base. Credentials within Cisco configuration files could be at risk of compromise if strong password types are not used. The CSI reviews Cisco’s password type options, the difficulty to crack each password type, and its vulnerability severity and provides recommendations for use.

CISA encourages administrators to review NSA’s CSI: Cisco Password Types: Best Practices and consider the recommendations to secure sensitive credentials.

This product is provided subject to this Notification and this Privacy & Use policy.

Russian State-Sponsored Actors Target Cleared Defense Contractor Networks

02/16/2022 11:00 AM EST

Original release date: February 16, 2022

CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) highlighting regular targeting of U.S. cleared defense contractors (CDCs) by Russian state-sponsored cyber actors. These CDCs support contracts for the U.S. Department of Defense and Intelligence Community. The CSA provides incident response and remediation recommendations as well as mitigations to reduce the risk of compromise.

CISA encourages all critical infrastructure organizations to review the joint CSA: Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology and apply the necessary mitigations. For more information on Russian state-sponsored malicious cyber activity see CISA’s Russia Cyber Threat Overview and Advisories page.

This product is provided subject to this Notification and this Privacy & Use policy.