APCO Cybersecurity Resources
- Exploitation of Vulnerability in SolarWinds Orion Platform
The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of a vulnerability in SolarWinds Orion Platform software versions 2019.4 through 2020.2.1, which was released between March 2020 through June 2020. As a result, CISA has issued Emergency Directive 21-01. CISA has also published an urgent Current Activity Alert “Active Exploitation of SolarWinds Software“ which can be found at https://us-cert.cisa.gov/ncas/current-activity/2020/12/13/active-exploitation-solarwinds-software.CISA encourages affected organizations to read the SolarWinds and FireEye advisories for more information and FireEye’s GitHub page for detection countermeasures:
- SolarWinds Security Advisory
- FireEye Advisory: Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor
- FireEye GitHub page: Sunburst Countermeasures
- CISA Insights – Ransomware Outbreak
In light of the recent increasing rate of ransomware attacks on local governments, the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA) has created a document titled, “CISA Insights: Ransomware Outbreak.” APCO encourages all members to read the document and take the appropriate protective measures.
- DHS - CISA Statement on Iranian Cybersecurity Threat
In response to reports of an increase in cybersecurity threats, the Department of Homeland Security's (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Director Christopher C. Krebs issued a statement on Saturday, June 22, 2019. APCO encourages all members to view that statement here and take appropriate protective measures.
- Important Information From the U. S. Department of Homeland Security (DHS) Concerning Business Email Compromise (BEC) Scheme
March 13, 2019 - Business email compromise (BEC) is a scheme in which cybercriminals send out targeted email messages to personnel with finance or resource roles within an organization in order to trick them into transferring funds to the cybercriminals.
- Worldwide Threat Assessment of the U.S. Intelligence Community
On January 31, 2019, the Multi-State Information Sharing and Analysis Center (MS- ISAC) released the Worldwide Threat Assessment of the U.S. Intelligence Community (IC)that provides an overview of the national security threats facing the United States.
PSAP Specific Activity
Cyber Perspective – From APCOs Technology Team