Sunday, April 25, 2010

CSSP Web Page Update 04-23-10

On Friday the DHS-CERT Control Systems Security Program website was updated with links to new security warning documents and information on training that will be offered by CSSP in July.

Control Systems Analysis Reports

Under the ‘What's New’ heading on the site there are two new documents that every security officer and cyber security officer at high-risk chemical facilities should read. They deal with two potential attack vectors that are being used to attack control systems.

The first report, SSH Brute-Force Scanning And Attacks, addresses an attack mode that has been familiar to the general IT community for years: the brute-force search for authentication credentials on systems providing secure shell (SSH) command line access. Control systems or their components that are running SSH on a default TCP port are particularly vulnerable to this type of attack. The report explains the risk for this type of attack and methods to reduce or eliminate the threat.

The second report, USB Drives Commonly Used as an Attack Vector against Critical Infrastructure, describes a variety of ways that USB devices like thumb drives can be used to gain unauthorized access to control systems. From social engineering attacks, to malware-infected devices, and intentional insider attacks using LaunchPad applications, a number of techniques for attacking control systems using these devices are described.

Advanced Cyber Security Training

The CSSP Calendar web page was updated, removing the April classes and providing information on a July training program, the Control Systems Cyber Security Training and Workshop for Federal Employees. This five-day training course will be conducted on July 19th through 23rd, 2010 and will be held at the Control Systems Analysis Center in Idaho Falls, ID. This program will address a variety of current cyber security techniques for ICS security and will include Red Team/Blue Team exercises.
Hopefully, DHS ISCD will be able to get some of their chemical security inspectors to this type of training.
