Cybersecurity Resources

Bulletins

• Exploitation of Vulnerability in SolarWinds Orion Platform
  The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of a vulnerability in SolarWinds Orion Platform software versions 2019.4 through 2020.2.1, which was released between March 2020 through June 2020. As a result, CISA has issued Emergency Directive 21-01. CISA has also published an urgent Current Activity Alert “Active Exploitation of SolarWinds Software“ which can be found at https://us-cert.cisa.gov/ncas/current-activity/2020/12/13/active-exploitation-solarwinds-software.CISA encourages affected organizations to read the SolarWinds and FireEye advisories for more information and FireEye’s GitHub page for detection countermeasures:
  1. SolarWinds Security Advisory
  2. FireEye Advisory: Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor
  3. FireEye GitHub page: Sunburst Countermeasures
• CISA Insights – Ransomware Outbreak
  In light of the recent increasing rate of ransomware attacks on local governments, the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA) has created a document titled, “CISA Insights: Ransomware Outbreak.”  APCO encourages all members to read the document and take the appropriate protective measures.
• DHS - CISA Statement on Iranian Cybersecurity Threat
  In response to reports of an increase in cybersecurity threats, the Department of Homeland Security's (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Director Christopher C. Krebs issued a statement on Saturday, June 22, 2019. APCO encourages all members to view that statement here and take appropriate protective measures.
• Important Information From the U. S. Department of Homeland Security (DHS) Concerning Business Email Compromise (BEC) Scheme 
  March 13, 2019 - Business email compromise (BEC) is a scheme in which cybercriminals send out targeted email messages to personnel with finance or resource roles within an organization in order to trick them into transferring funds to the cybercriminals.
• Worldwide Threat Assessment of the U.S. Intelligence Community
  On January 31, 2019, the Multi-State Information Sharing and Analysis Center (MS- ISAC) released the Worldwide Threat Assessment of the U.S. Intelligence Community (IC)that provides an overview of the national security threats facing the United States.

Cybersecurity Committee

• Three Steps to a Stronger ECC Cyber Defense Strategy
  July 2021
• The TFOPA Cybersecurity Strategy and How to Implement it at Your ECC
  July 2021
• Cybersecurity Readiness Checklist
  April 2021
• Who Should Own and Drive Cybersecurity in the ECC
  February 2021
• Top 5 Cyber-Defense Practices for 9-1-1
  January 2019
• Cybersecurity Attacks: Detection and Mitigation
  July 2018

PSAP Specific Activity

• The Growing Threat of Targeted Ransomware
  July 2019
• What to Consider When Developing a Cybersecurity Strategy
  July 2019
• Failures in Cybersecurity Fundamentals Still Primary Cause of Compromise: Report
  July 2019

Cyber Perspective – From APCOs Technology Team

• Why Cybersecurity Matters
  September 2019
• Cybersecurity is Everyone's Responsibility
  January 2019
• Cybersecurity for NG9-1-1
  PSC Magazine, September/October 2018