<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Segoe UI";
panose-1:2 11 5 2 4 2 4 2 2 3;}
@font-face
{font-family:"Franklin Gothic Book";
panose-1:2 11 5 3 2 1 2 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
p.xxxmsonormal, li.xxxmsonormal, div.xxxmsonormal
{mso-style-name:x_x_x_msonormal;
margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
p.xparagraph, li.xparagraph, div.xparagraph
{mso-style-name:x_paragraph;
margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.xnormaltextrun
{mso-style-name:x_normaltextrun;}
span.xeop
{mso-style-name:x_eop;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:651445753;
mso-list-template-ids:1327165908;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1
{mso-list-id:1646423768;
mso-list-template-ids:572018154;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level2
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">FYSA<o:p></o:p></p>
<div>
<div>
<div>
<div>
<div>
<p class="xparagraph" style="background:white"><span class="xeop"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black"> </span></span><span style="font-size:9.0pt;font-family:"Segoe UI",sans-serif;color:black"><o:p></o:p></span></p>
</div>
<div>
<p class="xparagraph" style="background:white;font-kerning:none"><span class="xnormaltextrun"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black">The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA)
and the Federal Bureau of Investigation (FBI) released a joint </span></span><span style="font-size:9.0pt;font-family:"Segoe UI",sans-serif;color:black"><a href="https://www.cisa.gov/uscert/ncas/alerts/aa22-279a"><span class="xnormaltextrun"><span style="font-size:11.0pt;font-family:"Franklin Gothic Book",sans-serif;color:#0563C1">Cybersecurity
Advisory (</span></span></a></span><span class="xnormaltextrun"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black">CSA) with details about the top vulnerabilities used and exploited since 2020 by the People’s Republic of China (PRC) state-sponsored
cyber actors to actively target U.S. and allied networks as well as software and hardware companies to steal intellectual property and develop access into sensitive networks.</span></span><span class="xeop"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black"> </span></span><span style="font-size:9.0pt;font-family:"Segoe UI",sans-serif;color:black"><o:p></o:p></span></p>
</div>
<div>
<div>
<p class="xparagraph" style="background:white;font-kerning:none"><span class="xeop"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black"> </span></span><span style="font-size:9.0pt;font-family:"Segoe UI",sans-serif;color:black"><o:p></o:p></span></p>
</div>
<div>
<p class="xparagraph" style="background:white;font-kerning:none"><span class="xnormaltextrun"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black">The PRC state-sponsored actors continue to use virtual private networks (VPNs) to obfuscate
their activities and target web-facing applications to establish initial access. The majority of the
<span style="background:white">common vulnerabilities and exposures (CVEs)</span> are vulnerable to remote code execution, meaning an adversary could exploit those specific vulnerabilities to gain unauthorized access and take control of an affected system.
Many of the known vulnerabilities in this CSA allow the actors to operate in a stealthy manner to gain unauthorized access into sensitive networks. Once they gain unauthorized access inside a network, these actors seek to establish persistence and move laterally
to other internally connected networks. </span></span><span class="xeop"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black"> </span></span><span style="font-size:9.0pt;font-family:"Segoe UI",sans-serif;color:black"><o:p></o:p></span></p>
</div>
<div>
<p class="xparagraph" style="background:white;font-kerning:none"><span class="xeop"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black"> </span></span><span style="font-size:9.0pt;font-family:"Segoe UI",sans-serif;color:black"><o:p></o:p></span></p>
</div>
<div>
<p class="xparagraph" style="background:white;font-kerning:none"><span class="xnormaltextrun"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black">The CSA provides an appendix with a clear, concise description and vulnerable technologies
and versions for each CVE; it also provides recommended mitigations and detection methods, if any exist. Some of the actions in this CSA that can help protect networks include: </span></span><span class="xeop"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black"> </span></span><span style="font-size:9.0pt;font-family:"Segoe UI",sans-serif;color:black"><o:p></o:p></span></p>
</div>
<ul style="margin-top:0in" type="disc">
<li class="xparagraph" style="color:black;mso-list:l0 level1 lfo3;background:white">
<span class="xnormaltextrun"><span style="font-family:"Franklin Gothic Book",sans-serif">Update and patch systems, including those in this CSA and CISA’s known exploited vulnerabilities catalog. </span></span><span class="xeop"><span style="font-family:"Franklin Gothic Book",sans-serif"> </span></span><span style="font-family:"Franklin Gothic Book",sans-serif"><o:p></o:p></span></li><li class="xparagraph" style="color:black;mso-list:l0 level1 lfo3;background:white">
<span class="xnormaltextrun"><span style="font-family:"Franklin Gothic Book",sans-serif">Use phishing-resistant multi-factor authentication whenever possible. </span></span><span class="xeop"><span style="font-family:"Franklin Gothic Book",sans-serif"> </span></span><span style="font-family:"Franklin Gothic Book",sans-serif"><o:p></o:p></span></li><li class="xparagraph" style="color:black;mso-list:l0 level1 lfo3;background:white">
<span class="xnormaltextrun"><span style="font-family:"Franklin Gothic Book",sans-serif">Require all accounts with password logins to have strong, unique passwords, and change passwords immediately if there are indications that a password may have been compromised.</span></span><span class="xeop"><span style="font-family:"Franklin Gothic Book",sans-serif"> </span></span><span style="font-family:"Franklin Gothic Book",sans-serif"><o:p></o:p></span></li><li class="xparagraph" style="color:black;mso-list:l0 level1 lfo3;background:white">
<span class="xnormaltextrun"><span style="font-family:"Franklin Gothic Book",sans-serif">Block obsolete or unused protocols at the network edge.</span></span><span class="xeop"><span style="font-family:"Franklin Gothic Book",sans-serif"> </span></span><span style="font-family:"Franklin Gothic Book",sans-serif"><o:p></o:p></span></li><li class="xparagraph" style="color:black;mso-list:l0 level1 lfo3;background:white">
<span class="xnormaltextrun"><span style="font-family:"Franklin Gothic Book",sans-serif">Upgrade or replace end-of-life devices.</span></span><span class="xeop"><span style="font-family:"Franklin Gothic Book",sans-serif"> </span></span><span style="font-family:"Franklin Gothic Book",sans-serif"><o:p></o:p></span></li><li class="xparagraph" style="color:black;mso-list:l0 level1 lfo3;background:white">
<span style="font-family:"Franklin Gothic Book",sans-serif">Move toward the Zero Trust security model.<o:p></o:p></span></li><li class="xparagraph" style="color:black;mso-list:l0 level1 lfo3;background:white">
<span class="xnormaltextrun"><span style="font-family:"Franklin Gothic Book",sans-serif">Enable robust logging of Internet-facing systems and monitor the logs for anomalous activity.</span></span><span class="xeop"><span style="font-family:"Franklin Gothic Book",sans-serif"> </span></span><span style="font-family:"Franklin Gothic Book",sans-serif"><o:p></o:p></span></li></ul>
</div>
<div>
<div>
<p class="xparagraph" style="background:white;font-kerning:none"><span class="xeop"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black"> </span></span><span style="font-size:9.0pt;font-family:"Segoe UI",sans-serif;color:black"><o:p></o:p></span></p>
</div>
</div>
</div>
</div>
</div>
</div>
<p class="MsoNormal"><b><span style="color:#1F497D">Theresa A. Masse<o:p></o:p></span></b></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#1F497D">Cyber Security Advisor, Region 10 (Oregon)
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#1F497D">Cybersecurity and Infrastructure Security Agency<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#1F497D">Department of Homeland Security<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#1F497D">Phone: (503) 930-5671
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#1F497D">Email:</span><span style="font-size:10.0pt;color:#777777">
</span><a href="mailto:theresa.masse@cisa.dhs.gov"><span style="font-size:10.0pt;color:#0563C1">theresa.masse@cisa.dhs.gov</span></a><u><span style="font-size:10.0pt;color:#0760C1"><o:p></o:p></span></u></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><img border="0" width="97" height="97" style="width:1.0138in;height:1.0138in" id="Picture_x0020_1" src="cid:image001.png@01D8DA1A.A22B2110"><span style="color:#1F497D"><o:p></o:p></span></p>
<p class="xxxmsonormal"><span style="font-family:"Arial",sans-serif"><o:p> </o:p></span></p>
</div>
</body>
</html>