Thursday, May 13, 2021

New CFATS Cyber Alert – 5-13-21

Today the CISA Office for Chemical Security published a notice on their Chemical Facility Anti-Terrorism Standards (CFATS) Knowledge Center page regarding a CISA alert for the DarkSide ransomware that recently shut down the Colonial Pipeline operation in Georgia. Today’s notice reports that CISA urges “critical infrastructure asset owners and operators to adopt a heightened state of awareness and implement the recommendations listed in this advisory to help protect them against malicious activity.”

The CISA alert provides a brief overview about what is known about the Colonial Pipeline attack, but it does not include any specific indicators of compromise. It provides some generic actions that an organization can take to reduce the chances of a successful ransomware attack. It has a separate section dealing with control system mitigation and response measures that can reduce the impact of a ransomware attack on industrial control systems. Finally, the document provides a large number of links to documents and resources for obtaining more detailed information.

There are no mentions of any specific CFATS program measures that covered facilities would have to implement.

No comments:

/* Use this with templates/template-twocol.html */