Department of Homeland Security
The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT)
The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) works to reduce risks within and across all critical infrastructure sectors by partnering with law enforcement agencies and the intelligence community and coordinating efforts among Federal, state, local, and tribal governments and control systems owners, operators, and vendors. Additionally, ICS-CERT collaborates with international and private sector Computer Emergency Response Teams (CERTs) to share control systems-related security incidents and mitigation measures.
Control Systems Advisories and Reports
Alerts provide timely notification to critical infrastructure owners and operators concerning threats to critical infrastructure networks.
Advisories provide timely information about current security issues, vulnerabilities, and exploits.
We provide this newsletter as a service to personnel actively engaged in the protection of critical infrastructure assets.
Joint Security Awareness Reports (JSARs)
ICS-CERT coordinates with US-CERT and other partners to develop Joint Security Awareness Reports (JSARs) to provide situational awareness for the public on cybersecurity issues.
Technical Information Papers (TIPs), Annual Reports (Year in Review), and other products that ICS-CERT believes are of interest to persons engaged in protecting industrial control systems.
The National Cybersecurity and Communications Integration Center (NCCIC), in coordination with the United States Naval Observatory, National Institute of Standards and Technology (NIST), the USCG Navigation Center, and the National Coordination Office for Space-Based Positioning, Navigation and Timing, is making available the "Leap Second Best Practices" document. It is intended to assist federal, state, local, and private sector organizations with preparations for the June 30, 2015, Leap Second event.
Tuesday, June 16, 2015 - 12:21
https://securelist.com/blog/research/70504/the-mystery-of-duqu-2-0-a-sophisticated-cyberespionage-actor-returns/
http://www.symantec.com/connect/blogs/duqu-20-reemergence-aggressive-cyberespionage-threat
https://threatpost.com/duqu-resurfaces-with-new-round-of-victims-including-kaspersky-lab/113237
Wednesday, June 10, 2015 - 12:09
NIST Release Notice / NIST SP800-82 r2 document link
Friday, June 5, 2015 - 01:00
http://www.darkreading.com/endpoint/data-theft-the-goal-of-blackenergy-attacks-on-industrial-control-systems-researchers-say/d/d-id/1320599
Thursday, May 28, 2015 - 01:00
Siemens Climatix BACnet/IP Communication Module Cross-site Scripting Vulnerability
This advisory provides mitigation details for an identified cross-site scripting vulnerability in the Siemens Climatix BACnet/IP communication module.
06/25/2015 - 14:18
PACTware Exceptional Conditions Vulnerability
This advisory provides mitigation details for a handling of exceptional conditions vulnerability in the PACTware Consortium PACTware application.
06/25/2015 - 14:08
Wind River VXWorks TCP Predictability Vulnerability in ICS Devices
This advisory provides mitigation details for a TCP predictability vulnerability identified in Wind River’s VxWorks.
06/18/2015 - 11:45
Schneider Electric Wonderware System Platform Vulnerabilities
This advisory provides mitigation details for a fixed search path vulnerability identified in Schneider Electric’s Wonderware System Platform suite.
06/18/2015 - 11:06
GarrettCom Magnum Series Devices Vulnerabilities
This advisory provides mitigation details for multiple vulnerabilities in GarrettCom’s Magnum 6k and Magnum 10k product lines.
06/16/2015 - 14:45
RLE Nova-Wind Turbine HMI Unsecure Credentials Vulnerability (Update A)
This updated advisory is a follow-up to the original advisory titled ICSA-15-162-01 RLE Nova Wind Turbine HMI Unsecure Credentials Vulnerability that was published June 11, 2015, on the NCCIC/ICS-CERT web site. This updated advisory provides publicly disclosed vulnerabilities and mitigation measures for the RLE Nova-Wind Turbine HMI Unsecure Credentials Vulnerability.
06/11/2015 - 16:37
Hospira Plum A+ and Symbiq Infusion Systems Vulnerabilities
This advisory provides publicly disclosed vulnerabilities and compensating measures for the Hospira Plum A+ and Symbiq Infusion System that are similar to vulnerabilities identified in the Hospira LifeCare PCA Infusion System discussed in the updated advisory ICSA-15-125-01B Hospira LifeCare PCA Infusion System Vulnerabilities.
06/10/2015 - 13:11
Hospira LifeCare PCA Infusion System Vulnerabilities (Update B)
This updated advisory is a follow-up to the updated advisory titled ICSA-15-125-01A Hospira LifeCare PCA Infusion System Vulnerabilities that was published May 13, 2015, on the NCCIC/ICS-CERT web site. This updated advisory provides additional publicly disclosed vulnerabilities and compensating measures for the Hospira LifeCare PCA Infusion System.
06/10/2015 - 13:00
N-Tron 702W Hard-Coded SSH and HTTPS Encryption Keys
This advisory provides mitigation details for hard-coded SSH and HTTPS encryption keys in the N-Tron 702-W Industrial Wireless Access Point device.
06/09/2015 - 11:10
Sinapsi eSolar Light Plaintext Passwords Vulnerability
This advisory provides mitigation details for plain text passwords in the Sinapsi eSolar Light application.
06/09/2015 - 11:00
- ICS-CERT Incident Handling Brochure
- ICS-CERT Vulnerability Disclosure Policy
- US-CERT Vulnerability Notes
- Cyber Threat Source Descriptions
- Overview of Cyber Vulnerabilities
- Cyber Resilience Review (CRR)
- Cyber Security Evaluation Tool (CSET)
- ICS Design Architecture Review (DAR) & Network Architecture Verification and Validation (NAVV)