Control Systems

• CSSP Home
• Calendar
• ICS-CERT
• ICSJWG
• Information Products
• Training
• Recommended Practices
• Assessments
• Standards & References
• Related Sites
• FAQ

DHS Threat Advisory

The threat level in the airline sector is High or Orange. Read more

Control Systems Security Program (CSSP)

Industrial Control Systems Cyber Emergency Response Team

The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) provides a control system security focus in collaboration with US-CERT to:

• Respond to and analyze control systems related incidents
• Conduct vulnerability and malware analysis
• Provide onsite support for incident response and forensic analysis
• Provide situational awareness in the form of actionable intelligence
• Coordinate the responsible disclosure of vulnerabilities/mitigations
• Share and coordinate vulnerability information and threat analysis through information products and alerts

The ICS-CERT serves as a key component of the Strategy for Securing Control Systems, which outlines a long-term, common vision where effective risk management of control systems security can be realized through successful coordination efforts.

Learn more

Vulnerability Resources Notable Control Systems Related Vulnerabilities Microsoft Windows automatically executes code specified in shortcut files July 2010 S2 NetBox allows unauthenticated HTTP access to node logs, backups, and employee photographs June 2010 Cisco Network Building Mediator Vulnerabilities May 2010 IntelliCom NetBiter devices have default HICP passwords April 2010 IntelliCom NetBiter Config HICP hostname buffer overflow March 2010 Rockwell Automation Allen-Bradley MicroLogix PLC authentication and authorization vulnerabilities January 2010 AREVA e-terrahabitat SCADA systems vulnerabilities February 2009 More ICS-CERT Reports Advisory ICSA-10-239-01- Dynamic Library Loading Vulnerability in Microsoft-based Applications Updated Advisory ICSA-10-238-01A- Stuxnet Mitigations Advisory 10-228-01- Non-Authorized Admin Accounts Updated Advisory 10-201-01C USB Malware Targeting Siemens Control Software Advisory 10-214-01 VxWorks Vulnerabilities Advisory 10-147-01 _ Cisco Network Building Mediator SSH Brute-Force Scanning and Attacks USB drives commonly used as AN attack vector against critical infrastructure Other Resources ICS-CERT vulnerability disclosure policy Cyber Threat Source Descriptions Overview of Cyber Vulnerabilities Report an Incident CSSP and ICS-CERT encourage you to report suspicious cyber activity, incidents and vulnerabilities affecting critical infrastructure control systems. Report online You can also submit reports via one of the following methods: ICS-CERT Watch Floor: 1-877-776-7585 ICS related cyber activity: ics-cert@dhs.gov General cyber activity: soc@us-cert.gov Phone: 1-888-282-0870 When sending sensitive information to ICS-CERT via email, we encourage you to encrypt your messages. Download the public key.

Notable Critical Infrastructure News