- ICS-CERT Advisories
Advisories provide timely information about current security issues, vulnerabilities, and exploits.
- ICS-CERT Alerts
An ICS-CERT Alert is intended to provide timely notification to critical infrastructure owners and operators concerning threats or activity with the potential to impact critical infrastructure computing networks.
- ICS-CERT Monitor Newsletters
ICS-CERT publishes the Monitor Newsletter when an adequate amount of pertinent information has been collected. We provide this newsletter as a service to personnel actively engaged in the protection of critical infrastructure assets.
- Other Reports
This section includes ICS-CERT Technical Information Papers (TIPs), Annual Reports (Year in Review), and other products that ICS-CERT believes are of interest to persons engaged in protecting industrial control systems.
- NCCIC/ICS-CERT 2016 Annual Vulnerability Coordination Report
- NCCIC/ICS-CERT Advanced Analytical Laboratory Malware Trends White Paper
- NCCIC/ICS-CERT FY 2015 Annual Vulnerability Coordination Report
- NCCIC Year in Review 2017
- Year in Review 2016
- FY2016 Incident Response Pie Charts (addendum to 2016 Year-in-Review)
- Year in Review 2015
- Year in Review 2014
- Year in Review 2013
- ST13-003: (Security Tip) Handling Destructive Malware
- Year in Review 2012
- Roadmap to Secure Control Systems in the Transportation Sector
- Year in Review 2011
- Catalog of Control Systems Security: Recommendations for Standards Developers
- Common Cyber Security Vulnerabilities in Industrial Control Systems
- Year in Review 2010
- Cyber Security Procurement Language for Control Systems
- Primer Control Systems Cyber Security Framework and Technical Metrics
- Control Systems Communications Encryption Primer
- Critical Infrastructure and Control Systems Security Curriculum
- Securing your SCADA and Industrial Control Systems
- Potential Vulnerabilities in Municipal Communications Networks
- Backdoors and Holes in Network Perimeters: A Case Study for Improving Your Control System Security
- An Undirected Attack Against Critical Infrastructure: A Case Study for Improving your Control System Security
- Destructive Malware
This NCCIC/ICS-CERT white paper highlights a number of the destructive malware families analyzed by ICS-CERT and gives recommendations for victims on the best way to combat each specific family. Length is 4 pages. March 2017.
- WMI For Detection and Response
This NCCIC/ICS-CERT white paper has been temporarily removed from the web site pending resolution of content issues. April 2017.
- Improving the Operation and Development of GPS Equipment Used in Industrial Control Systems
This paper is intended as a Best Practices Guide for improving the operation and development of Global Positioning System (GPS) equipment used in Critical Infrastructure. Length is 21 pages. January 2017.
- Best Practices for Leap Second Event Occurring on 31 December 2016
This paper is intended to assist federal, state, local, and private sector organizations with preparations for the Leap Second Event on Saturday, 31 December 2016. Length is 7 pages. October 2016.
- United States Electricity Industry Primer
U.S. Department of Energy. A high-level overview of the U.S. electricity supply chain, including generation, transmission, and distribution; markets and ownership structures, including utilities and regulatory agencies; and system reliability and vulnerabilities. Length is 49 pages. August 2016.
- ACSC Protect Notice, Malicious Email Mitigation Strategies
Australian Cyber Security Centre. This paper presents strategies for mitigating malicious email. Length is 11 pages. July 2016.
- Seven Steps to Effectively Defend Industrial Control Systems
DHS/FBI/NSA. This paper presents seven strategies that can be implemented today to counter common exploitable weaknesses in “as-built” control systems. Length is 6 pages. December 2015.
- Guidelines for Application Whitelisting in Industrial Control Systems
DHS/NSA. This document serves as an appendix to the “Seven Steps to Defend Industrial Control Systems” document, providing additional conceptual-level guidance on implementing application whitelisting. Length is 6 pages. April 2016.
- OCIA—The Future of Smart Cities: Cyber-Physical Infrastructure Risk
The Department of Homeland Security’s Office of Cyber and Infrastructure Analysis (DHS/OCIA) produced this report discussing how the adoption of, and increased reliance on, smart technologies might create or increase risks for Smart Cities. Length is 49 pages. August 2015.
- 10 Basic Cybersecurity Measures (WaterISAC)
WaterISAC partnered with the U.S. Department of Homeland Security Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), the FBI, and the Information Technology ISAC to develop a list of 10 basic cybersecurity recommendations to reduce exploitable weaknesses and defend against avoidable data breaches and cyber attacks. Length is 9 pages. June 2015.
- Strategy for Securing Control Systems
Department of Homeland Security (DHS). This DHS document develops and describes a strategy to protect United States critical infrastructure. Length is 128 pages. October 2009.
- ICS Cybersecurity Response to Physical Security Breaches of Unmanned Critical Infrastructure Sites
SANS Institute InfoSec Reading Room. January 2014.
- 21 Steps to Improve Cyber Security of SCADA Networks
Office of Energy Assurance, Office of Independent Oversight and Performance Assurance, U.S. Department of Energy. If you prefer a list of cybersecurity improvements, then read this short, 10-page document.
- Cybersecurity and the Smarter Grid
U.S. Department of Energy Office of Electricity Delivery and Energy Reliability report discussing cybersecurity for the power grid and how DOE and the energy sector are partnering to keep the smart grid reliable and secure. October 2014.
- National SCADA Test Bed (NSTB) Program
Created in 2003, the National SCADA Test Bed (NSTB) is a one-of-a-kind national resource that draws on the integrated expertise and capabilities of the Argonne, Idaho, Lawrence Berkeley, Los Alamos, Oak Ridge, Pacific Northwest, and Sandia National Laboratories to address the cybersecurity challenges of energy delivery systems.
- Cyberspace Policy Review - Assuring a Trusted and Resilient Information and Communications Infrastructure
President Obama ordered a comprehensive review of cybersecurity strategy, policy, and standards as a starting point for developing broad goals to protect cyberspace communication infrastructure. Length is 76 pages. May 2009.
- National Infrastructure Protection Plan - Partnering to Enhance Protection and Resiliency
A plan for protecting critical infrastructure and key resources of the United States is the subject of this document. Length is 188 pages. 2009.
- North American Electric Reliability Council (NERC) Reliability Standards
The Critical Infrastructure Protection (CIP) tab on the NERC web page contains NERC standards for cybersecurity that can be applied to other industries as well.
- Roadmap to Secure Control Systems in the Chemical Sector
Prepared by the Chemical Sector Roadmap Working Group, sponsored by the U.S. Department of Homeland Security and the Chemical Sector Coordinating Council. This Chemical Sector working group has developed five goals along with milestones for implementing a cybersecurity strategy. Length is 76 pages. September 2009.
- Top 10 Vulnerabilities of Control Systems and Their Associated Mitigations, 2007
North American Electric Reliability Council Control Systems Security Working Group and U.S. Department of Energy National SCADA Test Bed Program. This short, eight-page document lists 10 top vulnerabilities found in control systems and offers a graded approach to mitigating them. December 7, 2006.
- File Hashing
- Improving Industrial Control System Cybersecurity with Defense-in-Depth Strategies
- What is WannaCry/WanaCrypt0r?
- GovDelivery Email Subscription
- NCCIC Industrial Control Systems
- PCII Protections
- ICS Private Sector Critical Infrastructure Assessments
- ICS Federal Critical Infrastructure Assessments
- Cyber Security Evaluation Tool (CSET)
- Open Source Tools Available To Assess Risks To Internet Facing ICS
- Using YARA for Malware Detection
- Wake Up and Smell the Packets
- Preparing for Cyber Incident Analysis
- So You Think You've Been Compromised
- Industrial Control Systems Joint Working Group (ICSJWG)
- Training Fact Sheet
- Strategy for Securing Control Systems
- ICS Cybersecurity for the C-Level
- Cyber Information Sharing with DHS CERTs
- Cyber Security Procurement Language for Control Systems Brochure