Wednesday, November 18, 2009


I just don’t get back to check the DHS CERT Control Systems Security Program (CSSP) web page often enough. I checked it today and found that last week they announced the official launch of the Industrial Control System Cyber Emergency Response Team (ICS-CERT) coordination center in Idaho Falls, ID. Now the ICS-CERT have been operational since early this year, but their coordination center is now up and running. The brief article on the ICS-CERT contains a link to a two-page brochure about the ICS-CERT. It describes their mission and genearl capabilities. Probably the most valuable item in the brochure, however, is the ICS-CERT contact information. I’ll reproduce that whole section here.
“CSSP and ICS-CERT encourage you to report suspicious cyber activity, incidents and vulnerabilities affecting critical infrastructure control systems. Online reporting forms are available at You can also submit reports via one of the following methods: “ICS-CERT Watch Floor: 1-877-776-7585 “ICS related cyber activity: “General cyber activity: “Phone: 1-888-282-0870”
I certainly recommend that anyone that has an ICS cyber incident to immediately contact ICS-CERT. Even if the result of that particular incident seems relatively innocuous, it should still be reported. The intelligence and counter-intelligence portion of the ICS-CERT mission is very important and requires these inputs to be effective. Near-miss or ‘cyber-scouting’ incident reporting can be important in preventing serious incidents.

No comments:

/* Use this with templates/template-twocol.html */