[CDP-development] CISA Info

[Masse, Theresa]

FYSA


SLTT Government Partners:



Rapidly escalating geopolitical tensions have increased concerns about the risk of cyber threats that can disrupt essential services with potential impacts to public safety. Most recently, public and private sector entities in Ukraine have suffered a series of malicious cyber incidents, including website defacement as well as reports of potentially destructive malware on their systems that could result in severe harm to critical functions. The identification of destructive malware is particularly alarming because similar malware has been deployed in the past (e.g., NotPetya and WannaCry ransomware) to cause significant, widespread damage or lack of availability of/to critical functions and critical cyber-dependent infrastructure.



Based on this heightened threat, please consider consulting some of the following links from CISA for controls and other best practices in cyber risk mitigation:



a. Multi-State Information Sharing and Analysis Center (MS-ISAC) https://www.cisecurity.org/ms-isac and the Election Infrastructure Information Sharing and Analysis Center (EI-ISAC)

Funded by CISA, the MS-ISAC and EI-ISAC serve as no-cost resources for situational awareness, best practices, information sharing, and incident response for SLTT government entities. Register now for the MS-ISAC (https://learn.cisecurity.org/ms-isac-registration) and the EI-ISAC (https://learn.cisecurity.org/ei-isac-registration).



b. Malicious Domain Blocking and Reporting https://www.cisecurity.org/ms-isac/services/mdbr

A no-cost protective Domain Name System (DNS) resolver service provided by the MS-ISAC and funded by CISA; blocks malicious DNS requests while keeping state and local partners informed through regular reports.



c. Endpoint Detection and Response https://www.cisecurity.org/insights/spotlight/cybersecurity-spotlight-endpoint-detection-and-response-edr

A service provided by the MS-ISAC and funded by CISA to help SLTT entities involved in managing elections maintain awareness of and isolate malicious activity that may be impacting workstations, servers, and other network endpoints, including malware and ransomware. This program is currently only available to SLTT election organizations.



d. Real-Time Indicator Feeds https://www.cisecurity.org/ms-isac/services/real-time-indicator-feeds
A service provided by the MS-ISAC and funded by CISA that provides real-time cyber threat intelligence indicator feeds that are easy to implement and available for free to SLTT entities.

Our hope is that the resources provided above will support your overall security posture. We look forward to the continued partnership, please don't hesitate to get in contact if you would like sign up for services or require any security advice.

Theresa A. Masse
Cyber Security Advisor, Region 10 (Oregon)
Cybersecurity and Infrastructure Security Agency
Department of Homeland Security
Phone: (503) 930-5671
Email: theresa.masse at cisa.dhs.gov<mailto:theresa.masse at cisa.dhs.gov>

[cid:image001.png at 01D82965.68DD7810]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220224/c3f55270/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 16152 bytes
Desc: image001.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220224/c3f55270/attachment-0001.png>