Created on: 3/26/2018 Army Cyber Institute Bi-Weekly Cyber Threat Report (Mar 1 - 16 2018)

Russian Cyber Activity Targeting Critical Infrastructure

Chinese Hackers Hit U.S. Firms Linked to South China Sea

Iranian Threat Group Tactics

New Developments in Cyber-Crime as a Service

Created on: 6/11/2019 Army Cyber Institute Cyber Threat Report - June 7, 2019

Russia leads as countries begin migration from Windows to Linux

Russia, China, and South Korea are all migrating from Windows to Linux. Russia and China cite security concerns while South Korea cites cost reduction.

Personal Security

Top phishing subject lines

Personal web data removal workbook

Created on: 7/8/2019 Copper Theft Prevention White Paper

The E-ISAC Physical Security Analysis Team in coordination with the Physical Security Advisory Group has developed the attached Copper Theft Prevention White Paper using insight from industry experts, as well as open source resources. This paper aims to provide copper theft prevention best practices and lessons learned that asset owners and operators (AOOs) have implemented successfully in North America. Please feel free to submit any additional prevention and mitigation techniques to physicalsecurity@eisac.com for future updates.

Created on: 1/19/2018 CPUC White Paper on Security and Resilience for California Electric Distribution Infrastructure

California Public Utilities Commission (CPUC) recently published the following white paper discussing post-Metcalf physical security initiatives, processes, and procedures. The following excerpt serves as an executive summary of the document. The white paper in its entirety is attached for download.

Executive Summary:

The April 2013 sniper attack on Pacific Gas and Electric’s Metcalf substation has been described as a “wake-up call” or an alarm for the electric utility industry to apply closer scrutiny to the vulnerability of key infrastructure to various kinds of attack – whether physical, as in the Metcalf shooting, or in the form of cyber-attacks that might impair physical operations.

The white paper goes into detailed discussion of three major topics. The first is about identifying a process for the prioritization of strategic electrical facilities and determining appropriate security measures or approaches to ensuring resiliency of the system. The second discusses establishing practices for the exchange of highly-confidential or “sensitive” information between utilities and the Commission. The last topic goes into confirming whether existing incident reporting requirements are adequate. These three subject areas are examined with an eye toward ensuring appropriate regulatory oversight of jurisdictional utility operational performance, and providing a mechanism for entities not subject to CPUC ratemaking authority to identify their own most appropriate measures.

Created on: 5/22/2018 CYBER SECURITY RISKS POSED BY UNMANNED AIRCRAFT SYSTEMS

The Department of Homeland Security (DHS)/National Protection and Programs Directorate (NPPD)/Office of Cyber and Infrastructure Analysis (OCIA) assesses that unmanned aircraft systems (UASs) provide malicious actors an additional method of gaining undetected proximity to networks and equipment within critical infrastructure sectors. Malicious actors could use this increased proximity to exploit unsecured wireless systems and exfiltrate information. Malicious actors could also exploit vulnerabilities within UASs and UAS supply chains to compromise UASs belonging to critical infrastructure operators and disrupt or interfere with legitimate UAS operations.

Created on: 2/5/2020 Cyber Yankee 2019 After Action Report

The goal of Cyber Yankee 2019 was to continue the successful execution of a realistic cyber exercise for Army National Guard Defensive Cyberspace Operations Elements (DCOE) and other Cyber units to further train and apply their skills as cyber defenders. This year, we also integrated several agencies from the State of New Hampshire, the 229th COS, additional legal support, and elements of the 91st Cyber Brigade. Exercise planners used lessons learned from Cyber Yankee 2015-2018 to improve the exercise. The exercise focused on developing strong collaboration across all of the New England Cyber elements, state, and federal government partners in cyber defense. Cyber Yankee ’19 was part of the Federal Emergency Management Agency (FEMA) National Exercise Program.

The end state was continued development of a more robust capacity and capability for the Defensive Cyberspace Operations Elements and other Guard and Reserve cyber units in the New England states as well as a growth in partnerships across multiple levels of government throughout the region. Conducting the exercise at the unclassified level (leveraging open source intelligence information) ensured maximum relevant and current training for all government and non-government participants.

Created on: 2/13/2017 E-ISAC 2016 End of Year Report.pdf

Throughout 2016, the E-ISAC collected, analyzed, and shared information on physical and cyber security issues, and this report is a review of the main issues covered over the year. The information came from open source reporting, electricity members, and federal partners and includes the E-ISAC's analytical summary of those collective reports. This report looks at how the E-ISAC may further identify trends and patterns benefitting members.

Created on: 7/30/2019 E-ISAC Brochure

The E-ISAC Brochure describes the products and services provided to asset owners and operators and select government and cross-sector partners in North America.

The brochure is intended to provide potential E-ISAC Portal members an overview of the benefits of joining the E-ISAC Portal, what types of information to share, and how to share with the E-ISAC.

Created on: 10/15/2019 E-ISAC Guide for Information Sharing

The E-ISAC has published a Guide for Information Sharing that includes examples of information to be shared with the E-ISAC.

The E-ISAC serves as the primary security communications channel for industry, and enhances the ability to prepare for and respond to cyber and physical threats, vulnerabilities, and incidents. The E-ISAC gathers, analyzes, and shares security information from members and partners; coordinates incident management; enables member-to-member sharing; and shares mitigation strategies with interdependent sectors and government partners. Information that members share with the E-ISAC helps create an understanding about security threats that may impact the industry.

If you have questions or comments, contact the E-ISAC at operations@eisac.com.

Created on: 4/30/2019 EPRI Publishes Report "High-Altitude Electromagnetic Pulse and the Bulk Power System Potential Impacts and Mitigation Strategies"

ABSTRACT

The detonation of a nuclear weapon at high altitude or in space (~ 30 km or more above the earth’s surface) can generate an intense electromagnetic pulse (EMP) referred to as a high-altitude EMP or HEMP. HEMP can propagate to the earth and impact various land-based technological systems such as the electric power grid. Because of the extreme differences in views among experts regarding the potential impacts of HEMP on the electric power grid and the potential societal implications, the Electric Power Research Institute (EPRI) launched a three-year research project in April 2016 to investigate the potential impacts of a HEMP attack on the electric transmission system and to identify possible options for mitigating impacts. This report summarizes the research and findings of this three-year research effort.