The following announcements highlight recent cybersecurity news including alerts, threats, vulnerabilities, and malicious activity. They also include up-to-date information on available updates and patches for your operating systems.

GRIZZLY STEPPE - Russian Malicious Cyber Activity

Published Apr 16, 2018

On April 16, 2018, the Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), and the United Kingdom's (UK) National Cyber Security Centre (NCSC) released a joint Technical Alert (TA) about malicious cyber activity carried out by the Russian Government. The targets of this malicious cyber activity are primarily government and private-sector organizations, critical infrastructure owners and operators, and the Internet Service Providers (ISPs) supporting these sectors. DHS, FBI, and NCSC produced this alert to educate network defenders to enhance their ability to identify and reduce exposure to malicious activity. For more information, visit https://www.us-cert.gov/ncas/alerts/TA18-106A. 

Ransomware Guidance

Published Apr 09, 2018

Ransomware, a type of malicious software that infects and restricts access to a computer until a ransom is paid, remains a serious threat to business and individual networks and devices. It is frequently delivered through phishing emails and exploits unpatched vulnerabilities in software. The names of individual ransomware may vary (e.g., WannaCry, NotPetya, etc.), but NCCIC's best practices and guidance remain the same, including creating system back-ups, being wary of opening emails and attachments from unknown or unverified senders, and ensuring that systems are updated with the latest patches. For more information, visit NCCIC's Ransomware page.

NCCIC Internal Realignment

Published Apr 02, 2018

Throughout 2017, the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) realigned its organizational structure and integrated like functions previously performed independently by the United States Computer Emergency Readiness Team (US-CERT) and the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT).  This new alignment combines intersecting roles from these legacy organizations to enhance the effectiveness of NCCIC’s cybersecurity and communications mission.

HIDDEN COBRA - North Korean Malicious Cyber Activity

Published Mar 28, 2018

On March 28, 2018, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) identified Trojan malware variants—referred to as SHARPKNOT—used by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA.For more information, visit https://www.us-cert.gov/HiddenCobra.

Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors

Published Mar 15, 2018

On March 15, 2018, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) released an alert providing information on Russian government actions targeting U.S. Government entities as well as organizations in the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors. DHS and FBI produced this alert to educate network defenders to enhance their ability to identify and reduce exposure to malicious activity.For more information, visit https://www.us-cert.gov/ncas/alerts/TA18-074A.