Thursday, March 11, 2021

CFATS Cybersecurity Notification – 3-6-21

According to a notice posted today on landing page for the Chemical Facility Anti-Terrorism Standards (CFATS) program CISA utilized the contact information for CFATS covered facilities and over 33,000 other chemical facilities that had filed a Top Screen notification but had not been declared a high-risk facility for coverage under the program to send out targeted information about the ongoing Microsoft Exchange vulnerabilities. Those notices were sent out Saturday and included links to Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities.

The notice on the landing page today did not say if CISA included in that notification a requirement to notify the Infrastructure Security Compliance Division (ISCD), the arm of CISA that oversees the CFATS program, if there were indicators of compromise on the facility servers. It would be likely that servers affected by the Microsoft Exchange Server vulnerabilities would not be covered by the facilities site security plan.

If the notification is not marked as Chemical-terrorism Vulnerability Information (CVI), the sensitive but unclassified information security marking used for security information at CFATS covered facilities. I would be very interested in seeing a copy of the notification.

No comments:

/* Use this with templates/template-twocol.html */