The Cyber Threat Indicator and Defensive Measures Submission System provides a secure, web-enabled method of sharing cyber threat indicators and defensive measures with DHS. This system helps analysts to process cyber threat indicators and defensive measures for further sharing with Federal Government and private sector entities. + More Detail
According to the Cybersecurity Information Sharing Act of 2015 (CISA), the term “cyber threat indicator” means information that is necessary to describe or identify
The term “defensive measure” means an action, device, procedure, signature, technique, or other measure applied to an information system or information that is stored on, processed by, or transiting an information system that detects, prevents, or mitigates a known or suspected cybersecurity threat or security vulnerability. However, the term “defensive measure” does not include a measure that destroys, renders unusable, provides unauthorized access to, or substantially harms an information system or data on an information system not belonging to—
We encourage you to share any information that falls within the definitions above of a cyber threat indicator or defensive measure. All cyber threat indicators and defensive measures submitted through this system by a non-federal entity as defined in CISA are deemed submitted under section 104(c) and 105(c)(1)(B) of CISA. Please do not submit personal information not directly related to a cybersecurity threat using this form. For more information about sharing cyber threat indicators and defensive measures with the Federal Government under CISA, see https://www.us-cert.gov/ais.
Please answer the questions as completely and accurately as possible. Questions that must be answered are marked with a red asterisk. This website uses Secure Sockets Layer (SSL) / Transport Layer Security (TLS) to provide secure communications. This method of communication is much more secure than unencrypted email.
If there is malware associated with this cyber threat indicator, please share that separately via the US-CERT Malware Submission site. Fields marked (*) are required.
To submit a cyber threat indicator or defensive measure by email, please send an encrypted email to the DHS Indicator Submission Inbox (NCCICCustomerService@hq.dhs.gov). The PGP/GPG key is available at http://www.us-cert.gov/contact-us
Authority: 5 U.S.C. § 301 and 44 U.S.C. § 3101 authorize the collection of this information.
Purpose: The primary purpose for the collection of this information is to allow the Department of Homeland Security to contact you regarding your request.
Routine Uses: The information collected may be disclosed as generally permitted under 5 U.S.C. § 552a(b) of the Privacy Act of 1974, as amended. This includes using the information as necessary and authorized by the routine uses published in DHS/ALL-002 - Department of Homeland Security (DHS) Mailing and Other Lists System Novermber 25, 2008, 73 FR 71659.
Disclosure: Providing this information is voluntary, however, failure to provide this information will prevent DHS from contacting you in the event there are questions regarding your request.