Control Systems Security Program (CSSP)
The goal of the DHS National Cyber Security Division's CSSP is to reduce industrial control system risks within and across all critical infrastructure and key resource sectors by coordinating efforts among federal, state, local, and tribal governments, as well as industrial control systems owners, operators and vendors. The CSSP coordinates activities to reduce the likelihood of success and severity of impact of a cyber attack against critical infrastructure control systems through risk-mitigation activities.
To obtain additional information or request involvement or assistance, contact cssp@hq.dhs.gov.
The Department of Homeland Security (DHS) Control Systems Security Program (CSSP) has released Version 4.1 of the Cyber Security Evaluation Tool (CSET™). This new version of the tool can be downloaded from the CSSP website.
CSET™ Version 4.1 provides users with the option of creating or modifying their network diagram in Microsoft Visio®. This new functionality supplies a Visio® stencil with network shapes recognized by CSET™. CSET™ imports the Visio® diagram, assigns questions to the included components, and looks for general network vulnerabilities as if the diagram had been created within CSET™ itself. In addition, a diagram export function from CSET™ to Visio® is also provided.
ICS-CERT has released an ALERT titled "ICS-ALERT-12-136-01
- Wonderware SuiteLink Unallocated Unicode String" that
identifies an unallocated Unicode string vulnerability.
ICS-CERT has released an Advisory titled "ICSA-12-131-01 - Progea
Movicon Memory Corruption" that identifies a memory
corruption vulnerability in the Progea Movicon application.
ICS-CERT has released an Advisory titled "ICSA-12-129-01 -
Wellintech KingSCADA Insecure Password Encryption" that
details an unsecure password encryption vulnerability in the KingSCADA
application. This web release follows the earlier secure portal
release.
ICS-CERT has released the Newsletter titled "ICS-CERT Monthly Monitor" for April 2012, a summary of ICS-CERT activities for the previous month.
ICS-CERT has released an Advisory titled "ICSA-12-122-01 — WellinTech
KingView DLL Hijack Vulnerability" that details a DLL hijack
vulnerability in the KingView application.
The National Cybersecurity and Communication Integration Center
(NCCIC) has released "Bulletin -
201204301400 - DNSChanger" that discusses the pending
cessation of the temporary "clean" DNS server support for
Internet access.
ICS-CERT has released an updated ALERT titled "ICS-ALERT-12-116-01A
- (UPDATE) RuggedCom Weak Cryptography for Password
Vulnerability" that contains a new notification from
RuggedCom as well as their notice of intent to release a patch within
the next month.
ICS-CERT has released an ALERT titled "ICS-ALERT-12-116-01 - RuggedCom Weak Cryptography for Password Vulnerability" that details a default backdoor user account with trivial password encoding.
ICS-CERT has released the Newsletter titled "ICS-CERT Monthly Monitor" for March 2012, a summary of ICS-CERT activities for the previous month.
ICS-CERT has released an Updated Advisory titled "ICSA-12-030-01A - (UPDATE) Siemens SIMATIC WinCC Multiple Vulnerabilities" where ICS-CERT has tested and validated the software update that resolves the reported vulnerabilities.
The Industrial Control Systems Joint Working Group (ICSJWG) 2012 Spring Conference dates have been finalized as May 7 - 10, 2012. This conference will be held at the Hyatt Regency Savannah in Savannah, Georgia, USA. This event is open to all members interested in learning about cybersecurity issues facing the nation's critical infrastructure control systems. This is an excellent resource for government professionals (federal, state, local, tribal, and international); control system vendors and systems integrators; research, development, and academic professionals; and owners and operators (management, engineering, production, and IT). Conference attendees will be able to discuss the latest initiatives impacting the security of industrial control systems and will have the opportunity to interact with colleagues and peers who may be addressing the risks of threats and vulnerabilities to their systems. Click on the graphic to learn more about the conference.
Top 10 most accessed control systems documents and web pages
- ICS-CERT
- Strategy for Securing Control Systems
- Catalog of Control Systems Security: Recommendations for Standards Developers
- Cyber Security Procurement Language for Control Systems
- Recommended Practices
- Personnel Security Guidelines
- Recommended Practice: Improving Industrial Control Systems Cybersecurity with Defense-In-Depth Strategies
- Developing an Industrial Control Systems Cybersecurity Incident Response Capability
- Cyber Security Evaluation Tool
- Secure Architecture Design
CSSP and ICS-CERT encourage you to report suspicious cyber activity, incidents and vulnerabilities affecting critical infrastructure control systems. You can also submit reports to ICS-CERT via one of the following methods:
- ICS related cyber activity: ics-cert@dhs.gov
- ICS-CERT Watch Floor: 1-877-776-7585
When sending sensitive information to ICS-CERT via email, we encourage you to encrypt your messages.
Download the public key.
