[CDP-development] Cyber Incidents Between August 1, 2021 and July 31, 2023

[Greenlee Dianne]

Hello, Jessica Chastain shared these emails with me because you may be able to assist with a DHS-mandated project (description below).

Can you share with me any high-level information on cyber incidents between 8/1/21 and 7/31/23 in the following counties: Yamhill, Washington, Clackamas, Columbia and Multnomah, please? The information doesn't need to go into a lot of detail or specifics that could jeopardize an investigation (if there is one). An open-source link supporting any data would be appreciated, also.

If there is no information to share, that is perfectly fine. I appreciate your time.

Project description (Request for Information: DHS-RFI-02210-23):

(U//FOUO) CIC is disseminating this RFI to Homeland security partners to elicit their perspective and insight into cyber threats affecting stakeholders eligible under the HSGP. To this end, CIC requests information that identifies cyber threats affecting critical infrastructure within eligible Metropolitan Statistical Areas (MSAs) during the relevant reporting period, 01 August 2021 - 31 July 2023. For cyber threat activity, we welcome non-restricted operational or investigative cyber threat information you may have previously shared with other federal government entities over the past year including, but not limited to, those in the Intelligence Community (IC), Cybersecurity and Infrastructure Security Agency (CISA), or other DHS components.

(U//FOUO) For the purpose of this request, CIC considers cyber threats to include a range of malicious activities such as web defacements, denial of service attacks, theft of intellectual property and financial data, data corruption or deletion, and cyber-enabled disruption or destruction of critical infrastructure. Please note the following examples: * Information about specific, verified cyber events against critical infrastructure within your respective MSA that depicts the nature of the malicious activity; specifically, how the malicious activity occurred, against whom, when, by whom/from where, and/or the duration of the activity. * If available, please also provide detailed information regarding critical infrastructure, workforce, or stakeholder impacts, including but not limited to whether the accessibility or delivery of key products, commodities, or services was disrupted. * CIC also values insight into malicious, intentional insider cyber threats to critical infrastructure within your MSA. * Please highlight malicious cyber events that affected election security, impacted the integrity of Personally Identifiable Information (PII)/Personal Health Information, damaged property, or resulted in physical harm or loss of life (please specify whether this was directly or indirectly the result of malicious cyber activity).

As a matter of introduction, I work for the Oregon TITAN Fusion Center and am assigned to the Urban Area Security Initiative (UASI)-covered region (counties mentioned above). I am assisting in gathering data to support this project.

Thank you,

Dianne Greenlee
Urban Area Security Initiative Analyst
Oregon Department of Justice | Criminal Division | Oregon TITAN Fusion Center (OTFC)
E-mail: dianne.greenlee at doj.state.or.us<mailto:dianne.greenlee at doj.state.or.us>
Desk:  503.934.2033
Cell: 503.932.7479
Hours: M-Th 7 - 5 pm; Fri 7-11 am

DISCLAIMER: This intelligence information is being passed through as a courtesy to the originating agency.  The Oregon TITAN Fusion Center (OTFC) had no part in developing this information and has not verified the contents to be factual.  If you have any questions about this information, please contact the originating agency.  This bulletin may contain information designated as "FOR OFFICIAL USE ONLY" (FOUO) or "LAW ENFORCEMENT SENSITIVE" (LES) and/or controlled information pursuant to OAR 137-090-0130.  DO NOT FORWARD OR DISSEMINATE WITHOUT THE ORIGINATING AGENCY's PERMISSION. DO NOT POST TO SOCIAL MEDIA.










________________________________

***** CONFIDENTIALITY NOTICE *****
This e-mail may contain information that is privileged, confidential, or otherwise exempt from disclosure under applicable law. If you are not the addressee or it appears from the context or otherwise that you have received this e-mail in error, please advise me immediately by reply e-mail, keep the contents confidential, and immediately delete the message and any attachments from your system.

************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20230731/e80bca6d/attachment.html>