I am hearing rumors that ICS-CERT has published an alert on
the US CERT Secure Portal about an on-going phishing campaign directed against
various organizations in the chemical and energy sectors. I understand that the
alert is supposed to provide specific information about indicators that may be
used to detect these attacks. I would urge all organizations in these two
sectors (and really everyone else in critical infrastructure) to locate this
alert on the Secure Portal.
As usual I have to remind folks that I don’t have access to
the Secure Portal (and if I did I wouldn’t be able to post warnings of this
sort) so you will have to go there yourself to see if the rumors that I am
hearing are true. I also urge every high-risk chemical facility to sign up for
access to the Secure Portal so that they have routine access to alerts and
advisories that are issued in that venue.
NOTE: The following information comes from the ICS-CERT landing
page:
“ICS-CERT encourages U.S. asset
owners and operators to join the Control Systems compartment of the US-CERT
secure portal. Send your name, e-mail address, and company affiliation to ics-cert@hq.dhs.gov.”
I do not expect that this alert will make it to the public
ICS-CERT web site. The type of indicators that I would expect to see on an
alert of this sort are time sensitive. They would be released on the Secure
Portal because DHS would not want to compromise an on-going investigation of
reported attacks.
Posts
No comments:
Post a Comment