<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Franklin Gothic Book";
panose-1:2 11 5 3 2 1 2 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
p.Default, li.Default, div.Default
{mso-style-name:Default;
margin:0in;
text-autospace:none;
font-size:12.0pt;
font-family:"Franklin Gothic Book",sans-serif;
color:black;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">I neglected to include the following important info:<o:p></o:p></p>
<p class="Default"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p> </o:p></span></p>
<p class="Default"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">1.
</span><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:purple"><a href="https://www.cisa.gov/shields-up">https://www.cisa.gov/shields-up</a></span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:purple">
<o:p></o:p></span></p>
<p class="Default"><i><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">This page consolidates CISA’s published resources on cyber threats related to the current geopolitical tensions. It is designed to help critical infrastructure owners and
operators mitigate possible cyber threats and strengthen their cybersecurity posture.
</span></i><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p></o:p></span></p>
<p class="Default"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p> </o:p></span></p>
<p class="Default"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">a.
</span><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:purple">Alert (AA22-047A): Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology
</span></b><a href="https://www.cisa.gov/uscert/ncas/alerts/aa22-047a"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">https://www.cisa.gov/uscert/ncas/alerts/aa22-047a</span></b></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:purple">
</span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">(February 2022) –
<i>A joint cybersecurity advisory with the FBI and the NSA about Russian state-sponsored cyber actors targeting cleared defense contractors in the United States; includes detection and mitigation recommendations to reduce the risk of data exfiltration.
</i><o:p></o:p></span></p>
<p class="Default"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p> </o:p></span></p>
<p class="Default"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">b.
</span><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:purple">CISA Insights: Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats
</span></b><a href="https://www.cisa.gov/sites/default/files/publications/CISA_Insights-Implement_Cybersecurity_Measures_Now_to_Protect_Against_Critical_Threats_508C.pdf"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">https://www.cisa.gov/sites/default/files/publications/CISA_Insights-Implement_Cybersecurity_Measures_Now_to_Protect_Against_Critical_Threats_508C.pdf</span></b></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">
</span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">(January 2022) –
<o:p></o:p></span></p>
<p class="Default"><i><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">An executive-level product that recommends urgent, near-term steps to reduce the likelihood and impact of a potentially damaging compromise.
</span></i><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p></o:p></span></p>
<p class="Default"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p> </o:p></span></p>
<p class="Default"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">c.
</span><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:purple">Alert (AA22-011A): Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
</span></b><a href="https://www.cisa.gov/uscert/ncas/alerts/aa22-011a"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">https://www.cisa.gov/uscert/ncas/alerts/aa22-011a</span></b></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:purple">
</span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">(January 2022) –
<o:p></o:p></span></p>
<p class="MsoNormal"><i>A joint cybersecurity advisory with the FBI and NSA about the Russian threat to critical infrastructure, including specific tactics, techniques, and procedures associated with Russian actors.<o:p></o:p></i></p>
<p class="MsoNormal"><i><o:p> </o:p></i></p>
<p class="MsoNormal">CISA has no-cost <b><span style="color:purple">Cyber Hygiene services
</span></b><a href="https://www.cisa.gov/cyber-hygiene-services"><b>https://www.cisa.gov/cyber-hygiene-services</b></a><span style="color:purple">
</span>—including vulnerability scanning, web application scanning, phishing campaign assessments, and remote penetration tests—as well as free services and tools offered by trusted private sector partners (see the
<b><span style="color:#7030A0">Free</span></b><span style="color:#7030A0"> <b>Cybersecurity Services and Tools
</b></span><a href="https://www.cisa.gov/free-cybersecurity-services-and-tools"><b>https://www.cisa.gov/free-cybersecurity-services-and-tools</b></a><span style="color:blue">
</span>page on CISA’s website). <b>Always remember to report cyber incidents to CISA Central (</b><a href="mailto:central@cisa.dhs.gov"><b>central@cisa.dhs.gov</b></a><b>).<o:p></o:p></b></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Regards - -Theresa<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><b><span style="color:#1F497D">Theresa A. Masse<o:p></o:p></span></b></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#1F497D">Cyber Security Advisor, Region 10 (Oregon)
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#1F497D">Cybersecurity and Infrastructure Security Agency<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#1F497D">Department of Homeland Security<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#1F497D">Phone: (503) 930-5671
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#1F497D">Email:</span><span style="font-size:10.0pt;color:#777777">
</span><a href="mailto:theresa.masse@cisa.dhs.gov"><span style="font-size:10.0pt">theresa.masse@cisa.dhs.gov</span></a><u><span style="font-size:10.0pt;color:#0760C1"><o:p></o:p></span></u></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><img border="0" width="97" height="97" style="width:1.0138in;height:1.0138in" id="Picture_x0020_2" src="cid:image001.png@01D82968.9DC30150"><span style="color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> Masse, Theresa <br>
<b>Sent:</b> Thursday, February 24, 2022 10:01 AM<br>
<b>To:</b> cdp-development@omls.oregon.gov<br>
<b>Subject:</b> CISA Info<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">FYSA<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="Default"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">SLTT Government Partners:<o:p></o:p></span></b></p>
<p class="Default"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p> </o:p></span></b></p>
<p class="Default"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Rapidly escalating geopolitical tensions have increased concerns about the risk of cyber threats that can disrupt essential services with potential impacts to public safety.
Most recently, public and private sector entities in Ukraine have suffered a series of malicious cyber incidents, including website defacement as well as reports of potentially destructive malware on their systems that could result in severe harm to critical
functions. The identification of destructive malware is particularly alarming because similar malware has been deployed in the past (e.g., NotPetya and WannaCry ransomware) to cause significant, widespread damage or lack of availability of/to critical functions
and critical cyber-dependent infrastructure. <o:p></o:p></span></p>
<p class="Default"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p> </o:p></span></p>
<p class="Default"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Based on this heightened threat, please consider consulting some of the following links from CISA for controls and other best practices in cyber risk mitigation:
<b><o:p></o:p></b></span></p>
<p class="Default"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> <o:p></o:p></span></b></p>
<p class="Default"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">a.
</span><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:purple">Multi-State Information Sharing and Analysis Center (MS-ISAC)
</span></b><a href="https://www.cisecurity.org/ms-isac"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">https://www.cisecurity.org/ms-isac</span></b></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:purple">
</span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">and the Election Infrastructure Information Sharing and Analysis Center (EI-ISAC)
<o:p></o:p></span></p>
<p class="Default"><i><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Funded by CISA, the MS-ISAC and EI-ISAC serve as no-cost resources for situational awareness, best practices, information sharing, and incident response for SLTT government
entities. Register now for the MS-ISAC (</span></i><a href="https://learn.cisecurity.org/ms-isac-registration"><i><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">https://learn.cisecurity.org/ms-isac-registration</span></i></a><i><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">)
and the EI-ISAC (</span></i><a href="https://learn.cisecurity.org/ei-isac-registration"><i><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">https://learn.cisecurity.org/ei-isac-registration</span></i></a><i><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">).
</span></i><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p></o:p></span></p>
<p class="Default"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p> </o:p></span></p>
<p class="Default"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">b.
</span><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:purple">Malicious Domain Blocking and Reporting
</span></b><a href="https://www.cisecurity.org/ms-isac/services/mdbr"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">https://www.cisecurity.org/ms-isac/services/mdbr</span></b></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:purple"><o:p></o:p></span></p>
<p class="Default"><i><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">A no-cost protective Domain Name System (DNS) resolver service provided by the MS-ISAC and funded by CISA; blocks malicious DNS requests while keeping state and local partners
informed through regular reports. </span></i><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p></o:p></span></p>
<p class="Default"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p> </o:p></span></p>
<p class="Default"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">c.
</span><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:purple">Endpoint Detection and Response
</span></b><a href="https://www.cisecurity.org/insights/spotlight/cybersecurity-spotlight-endpoint-detection-and-response-edr"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">https://www.cisecurity.org/insights/spotlight/cybersecurity-spotlight-endpoint-detection-and-response-edr</span></b></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:purple"><o:p></o:p></span></p>
<p class="Default"><i><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">A service provided by the MS-ISAC and funded by CISA to help SLTT entities involved in managing elections maintain awareness of and isolate malicious activity that may be
impacting workstations, servers, and other network endpoints, including malware and ransomware.
</span></i><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">This program is currently only available to SLTT election organizations.
<o:p></o:p></span></p>
<p class="Default"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p> </o:p></span></p>
<p class="Default"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">d.
</span><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:purple">Real-Time Indicator Feeds
</span></b><b><u><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#0070C0"><a href="https://www.cisecurity.org/ms-isac/services/real-time-indicator-feeds">https://www.cisecurity.org/ms-isac/services/real-time-indicator-feeds</a></span></u></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:purple"><o:p></o:p></span></p>
<p class="MsoNormal"><i>A service provided by the MS-ISAC and funded by CISA that provides real-time cyber threat intelligence indicator feeds that are easy to implement and available for free to SLTT entities.<o:p></o:p></i></p>
<p class="MsoNormal"><i><o:p> </o:p></i></p>
<p class="MsoNormal">Our hope is that the resources provided above will support your overall security posture. We look forward to the continued partnership, please don't hesitate to get in contact if you would like sign up for services or require any security
advice.<o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:12.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span style="color:#1F497D">Theresa A. Masse<o:p></o:p></span></b></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#1F497D">Cyber Security Advisor, Region 10 (Oregon)
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#1F497D">Cybersecurity and Infrastructure Security Agency<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#1F497D">Department of Homeland Security<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#1F497D">Phone: (503) 930-5671
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#1F497D">Email:</span><span style="font-size:10.0pt;color:#777777">
</span><a href="mailto:theresa.masse@cisa.dhs.gov"><span style="font-size:10.0pt">theresa.masse@cisa.dhs.gov</span></a><u><span style="font-size:10.0pt;color:#0760C1"><o:p></o:p></span></u></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><img border="0" width="97" height="97" style="width:1.0138in;height:1.0138in" id="Picture_x0020_1" src="cid:image001.png@01D82968.9DC30150"><span style="color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>