Department of Homeland Security
The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT)
The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) works to reduce risks within and across all critical infrastructure sectors by partnering with law enforcement agencies and the intelligence community and coordinating efforts among Federal, state, local, and tribal governments and control systems owners, operators, and vendors. Additionally, ICS-CERT collaborates with international and private sector Computer Emergency Response Teams (CERTs) to share control systems-related security incidents and mitigation measures.
Control Systems Advisories and Reports
Alerts provide timely notification to critical infrastructure owners and operators concerning threats to critical infrastructure networks.
Advisories provide timely information about current security issues, vulnerabilities, and exploits.
We provide this newsletter as a service to personnel actively engaged in the protection of critical infrastructure assets.
Joint Security Awareness Reports (JSARs)
ICS-CERT coordinates with US-CERT and other partners to develop Joint Security Awareness Reports (JSARs) to provide situational awareness for the public on cybersecurity issues.
Technical Information Papers (TIPs), Annual Reports (Year in Review), and other products that ICS-CERT believes are of interest to persons engaged in protecting industrial control systems.
Terrorists seize control of the electric grid and natural gas distribution, using only computers. It’s only the stuff of Hollywood, so far. But state officials released a report Monday that reflects a growing concern that utilities must harden their defenses against cyber attacks.
Wednesday, April 16, 2014 - 11:22
The U.S. electric grid is constantly under attack despite attempts by utilities to boost physical security and cyberdefenses. Regulators have increasingly focused on physical security of the grid since last year’s attack on a Pacific Gas and Electric Co. substation in San Jose, California, where unknown attackers cut telephone lines to the Metcalf substation, then disabled seventeen transformers with precise gunfire.
Tuesday, March 25, 2014 - 11:25
ICS-CERT is pleased to announce the launch of “Cybersecurity for Industrial Control Systems (210W).” This course is an online, web-based version of our 101 and 201 instructor-led courses.
Tuesday, March 18, 2014 - 12:04
Healthcare Industry Still Lacking in Cyber Threat Preparedness, While Cyber Attacks Targeted at Industry Increase
HITRUST, in partnership with the U.S. Department of Health and Human Services, is announcing they will conduct monthly cyber threat briefings. The briefings will help organizations better understand current and probable cyber threats relevant to the healthcare industry and share best practices for cyber threat defense and response.
Friday, March 14, 2014 - 11:47
Without updates after April 8, Windows XP is expected to fall prey to any number of zero-day attacks for which Microsoft will provide no defense, but there are some things die-hard XP users can do to make their machines safer.
Thursday, March 6, 2014 - 11:29
Siemens SINEMA Vulnerabilities
This advisory provides mitigation details for vulnerabilities in the Siemens SINEMA server.
04/17/2014 - 13:41
Situational Awareness Alert for OpenSSL Vulnerability (Update C)
This alert update provides additional information, updating NCCIC/ICS-CERT Alert titled ICS-ALERT-14-009-01B Situational Awareness Alert for OpenSSL Vulnerability (UPDATE B) that was published April 12, 2014, on the ICS-CERT web site.
04/17/2014 - 12:33
Innominate mGuard OpenSSL HeartBleed Vulnerability (Update A)
This updated advisory provides mitigation details for the HeartBleed vulnerability in devices running mGuard firmware.
04/17/2014 - 10:51
(UPDATE) FBI Snort Signatures (Heartbleed) -- April 2014
04/17/2014 - 09:07
Progea Movicon SCADA Information Disclosure Vulnerability
This advisory provides mitigation details for a disclosure vulnerability in the Progea Movicon application.
04/15/2014 - 11:29
Siemens Industrial Products OpenSSL HeartBleed Vulnerability
This advisory provides mitigation details for the OpenSSL vulnerability in several Siemens industrial products.
04/15/2014 - 10:13
IOServer Out of Bounds Read Vulnerability
This advisory provides mitigation details for an out of bounds read vulnerability in IOServer’s OPC Server application.
04/10/2014 - 10:57
Rockwell Allen-Bradley MicroLogix, SLC 500, and PLC-5 Fault Generation Vulnerability (Update B)
This updated advisory is a follow-up to the updated advisory titled ICSA-12-342-01A Rockwell Allen-Bradley MicroLogix, SLC 500, and PLC-5 controller that was published December 11, 2012, on the NCCIC/ICS-CERT web site. This updated advisory describes a fault generation vulnerability that can cause a denial of service in the Rockwell Automation Allen-Bradley MicroLogix, SLC 500, and PLC-5 controller.
04/10/2014 - 10:35
DNP3 Implementation Vulnerability (Update B)
This updated advisory is a follow-up to the updated advisory titled ICSA-13-291-01A DNP3 Implementation Vulnerability that was published November 21, 2013, on the NCCIC/ICS-CERT web site. This updated advisory provides the revised noninclusive list of DNP3 advisories that NCCIC/ICS-CERT has produced in conjunction with the vendors producing a patch or update to mitigate the reported vulnerability.
04/09/2014 - 14:19
OSIsoft PI Interface for DNP3 Improper Input Validation
This advisory provides mitigation details for an improper input validation vulnerability in the OSIsoft PI Interface for DNP3 product.
04/08/2014 - 11:01