Ongoing Cyber Threats to U.S. Water and Wastewater Systems Sector Facilities

10/14/2021 02:57 PM EDT

Original release date: October 14, 2021

CISA, the Federal Bureau of Investigation (FBI), the Environmental Protection Agency (EPA), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) that details ongoing cyber threats to U.S. Water and Wastewater Systems (WWS) Sector. This activity—which includes cyber intrusions leading to ransomware attacks—threatens the ability of WWS facilities to provide clean, potable water to, and effectively manage the wastewater of, their communities. The joint CSA provides extensive mitigations and resources to assist WWS Sector facilities in strengthening operational resilience and cybersecurity practices.

CISA has also released a Cyber Risks & Resources for the Water and Wastewater Systems Sector infographic that details both information technology and operational technology risks the WWS Sector faces and provides select resources.

This product is provided subject to this Notification and this Privacy & Use policy.

Be Cyber Smart During Cybersecurity Awareness Month

10/05/2021 07:00 AM EDT

Original release date: October 5, 2021

CISA and the National Cybersecurity Alliance (NCSA) remind users to continue to “Do Your Part. #BeCyberSmart.” during October—2021’s Cybersecurity Awareness Month!
In 2021, CISA and NCSA will focus on different outreach themes each week to include:  

  • Be Cyber Smart
  • Phight the Phish!
  • Explore. Experience. Share. – Cybersecurity Career Awareness Week
  • Cybersecurity First

 As part of the STOP.THINK.CONNECT.™ national public awareness campaign, CISA is also sharing Cybersecurity Awareness Month Resources to reduce cybersecurity risks and protect you online. CISA reminds users that cybersecurity is a proactive responsibility, and individuals and organizations should implement strong security practices to stay safer and more secure online.
Visit CISA’s Cybersecurity Awareness Month webpage for more guidance and resources.

This product is provided subject to this Notification and this Privacy & Use policy.

CERT NZ Releases Ransomware Protection Guide for Businesses

09/14/2021 09:59 AM EDT

Original release date: September 14, 2021

The New Zealand Computer Emergency Response Team (CERT NZ) has released a guide on ransomware protection for businesses. The guide includes a pair of helpful diagrams that outline different ransomware attack pathways and illustrate where relevant security controls can work to protect or stop an attack.  

CISA encourages users, administrators, and business leaders to review the CERT NZ guide, Protecting from ransomware, for more information as well as recommended prevention and mitigation measures.  

For additional resources related to the prevention and mitigation of ransomware, see as well as the CISA-MS-ISAC Joint Ransomware Guide. is the U.S. Government’s official one-stop location for resources to tackle ransomware more effectively.

This product is provided subject to this Notification and this Privacy & Use policy.