- ICS-CERT Advisories
Advisories provide timely information about current security issues, vulnerabilities, and exploits.
- ICS-CERT Alerts
An ICS-CERT Alert is intended to provide timely notification to critical infrastructure owners and operators concerning threats or activity with the potential to impact critical infrastructure computing networks.
- ICS-CERT Monitor Newsletters
ICS-CERT publishes the Monitor Newsletter when an adequate amount of pertinent information has been collected. We provide this newsletter as a service to personnel actively engaged in the protection of critical infrastructure assets.
- Other Reports
This section includes ICS-CERT Technical Information Papers (TIPs), Annual Reports (Year in Review), and other products that ICS-CERT believes are of interest to persons engaged in protecting industrial control systems.
- NCCIC/ICS-CERT 2016 Annual Vulnerability Coordination Report
August 2017
- NCCIC/ICS-CERT Advanced Analytical Laboratory Malware Trends White Paper
November 2016
- NCCIC/ICS-CERT FY 2015 Annual Vulnerability Coordination Report
September 2016
- NCCIC Year in Review 2017
April 2018
- Year in Review 2016
March 2017
- FY2016 Incident Response Pie Charts (addendum to 2016 Year-in-Review)
June 2017
- Year in Review 2015
April 2015
- Year in Review 2014
April 2015
- Year in Review 2013
February 2014
- ST13-003: (Security Tip) Handling Destructive Malware
November 2013
- Year in Review 2012
March 2013
- Roadmap to Secure Control Systems in the Transportation Sector
August 2012
- Year in Review 2011
October 2011
- Catalog of Control Systems Security: Recommendations for Standards Developers
April 2011
- Common Cyber Security Vulnerabilities in Industrial Control Systems
May 2011
- Year in Review 2010
January 2011
- Cyber Security Procurement Language for Control Systems
September 2009
- Primer Control Systems Cyber Security Framework and Technical Metrics
June 2009
- Control Systems Communications Encryption Primer
December 2009
- Critical Infrastructure and Control Systems Security Curriculum
March 2008
- Securing your SCADA and Industrial Control Systems
June 2007
- Potential Vulnerabilities in Municipal Communications Networks
December 2006
- Backdoors and Holes in Network Perimeters: A Case Study for Improving Your Control System Security
August 2005
- An Undirected Attack Against Critical Infrastructure: A Case Study for Improving your Control System Security
September 2005
- Destructive Malware
This NCCIC/ICS-CERT white paper highlights a number of the destructive malware families analyzed by ICS-CERT and gives recommendations for victims on the best way to combat each specific family. Length is 4 pages. March 2017.
- WMI For Detection and Response
This NCCIC/ICS-CERT white paper has been temporarily removed from the web site pending resolution of content issues. April 2017.
- Improving the Operation and Development of GPS Equipment Used in Industrial Control Systems
This paper is intended as a Best Practices Guide for improving the operation and development of Global Positioning System (GPS) equipment used in Critical Infrastructure. Length is 21 pages. January 2017.
- Best Practices for Leap Second Event Occurring on 31 December 2016
This paper is intended to assist federal, state, local, and private sector organizations with preparations for Saturday, 31 December 2016 Leap Second Event. Length is 7 pages. October 2016.
- United States Electricity Industry Primer
U.S. Department of Energy. A high-level overview of the U.S. electricity supply chain, including generation, transmission, and distribution; markets and ownership structures, including utilities and regulatory agencies; and system reliability and vulnerabilities. Length is 49 pages. August 2016.
- ACSC Protect Notice, Malicious Email Mitigation Strategies
Australian Cyber Security Centre. This paper presents strategies for mitigating malicious email. Length is 11 pages. July 2016.
- Seven Steps to Effectively Defend Industrial Control Systems
DHS/FBI/NSA. This paper presents seven strategies that can be implemented today to counter common exploitable weaknesses in “as-built” control systems. Length is 6 pages. December 2015.
- Guidelines for Application Whitelisting in Industrial Control Systems
DHS/NSA. This document serves as an appendix to the “Seven Steps to Defend Industrial Control Systems” document, providing additional conceptual-level guidance on implementing application whitelisting. Length is 6 pages. April 2016.
- OCIA—The Future of Smart Cities: Cyber-Physical Infrastructure Risk
The Department of Homeland Security’s Office of Cyber and Infrastructure Analysis (DHS/OCIA) produced this report discussing how the adoption of, and increased reliance on smart technologies might create or increase risks for Smart Cities. Length is 49 pages. August 2015.
- 10 Basic Cybersecurity Measures (WaterISAC)
WaterISAC partnered with the U.S. Department of Homeland Security Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), the FBI, and the Information Technology ISAC to develop a list of 10 basic cybersecurity recommendations to reduce exploitable weaknesses and defend against avoidable data breaches and cyber attacks. Length is 9 pages. June 2015.
- Strategy for Securing Control Systems
Department of Homeland Security (DHS). This DHS document develops and describes a strategy to protect United States critical infrastructure. Length is 128 pages. October 2009.
- ICS Cybersecurity Response to Physical Security Breaches of Unmanned Critical Infrastructure Sites
SANS Institute InfoSec Reading Room. January 2014.
- 21 Steps to Improve Cyber Security of SCADA Networks
Office of Energy Assurance, Office of Independent Oversight and Performance Assurance, U.S. Department of Energy. If you prefer a list of cybersecurity improvements, then read this short, 10-page document.
- Cybersecurity and the Smarter Grid
U.S. Department of Energy Office of Electricity Delivery and Energy Reliability report discussing cybersecurity for the power grid and how DOE and the energy sector are partnering to keep the smart grid reliable and secure. October 2014.
- National SCADA Test Bed (NSTB) Program
Created in 2003, the National SCADA Test Bed (NSTB) is a one-of-a-kind national resource that draws on the integrated expertise and capabilities of the Argonne, Idaho, Lawrence Berkeley, Los Alamos, Oak Ridge, Pacific Northwest, and Sandia National Laboratories to address the cybersecurity challenges of energy delivery systems.
- Cyberspace Policy Review - Assuring a Trusted and Resilient Information and Communications Infrastructure
President Obama ordered a comprehensive review of cybersecurity strategy, policy, and standards as a starting point for developing broad goals to protect cyberspace communication infrastructure. Length is 76 pages. May 2009.
- National Infrastructure Protection Plan - Partnering to Enhance Protection and Resiliency
A plan for protecting critical infrastructure and key resources of the United States is the subject of this document. Length is 188 pages. 2009.
- North American Electric Reliability Council (NERC) Reliability Standards
The Critical Infrastructure Protection (CIP) tab on the NERC web page contains NERC standards for cybersecurity that can be applied to other industries as well.
- Roadmap to Secure Control Systems in the Chemical Sector
Prepared by Chemical Sector Roadmap Working Group, sponsored by the U.S. Department of Homeland Security and the Chemical Sector Coordinating Council. This Chemical Sector working group has developed five goals along with milestones to implementing a cybersecurity strategy. Length is 76 pages. September 2009.
- Top 10 Vulnerabilities of Control Systems and Their Associated Mitigations, 2007
North American Electric Reliability Council Control Systems Security Working Group and U.S. Department of Energy National SCADA Test Bed Program. This short, eight-page document lists 10 top vulnerabilities found in control systems and offers a graded approach to mitigating them. December 7, 2006.
- File Hashing
April 2018
- Improving Industrial Control System Cybersecurity with Defense-in-Depth Strategies
April 2018
- What is WannaCry/WanaCrypt0r?
April 2018
- GovDelivery Email Subscription
April 2018
- NCCIC Industrial Control Systems
April 2018
- PCII Protections
April 2018
- ICS Private Sector Critical Infrastructure Assessments
April 2018
- ICS Federal Critical Infrastructure Assessments
April 2018
- Cyber Security Evaluation Tool (CSET)
April 2018
- Open Source Tools Available To Assess Risks To Internet Facing ICS
April 2018
- Using YARA for Malware Detection
April 2018
- Wake Up and Smell the Packets
April 2018
- Preparing for Cyber Incident Analysis
April 2018
- So You Think You've Been Compromised
April 2018
- Industrial Control Systems Joint Working Group (ICSJWG)
April 2018
- Training Fact Sheet
April 2018
- Strategy for Securing Control Systems
April 2018
- ICS Cybersecurity for the C-Level
April 2018
- Cyber Information Sharing with DHS CERTs
February 2016
- Cyber Security Procurement Language for Control Systems Brochure
April 2009