- ICS Advisories
ICS Advisories provide timely information about current security issues, vulnerabilities, and exploits .
- ICS Alerts
ICS Alerts provide timely notification to critical infrastructure owners and operators concerning threats or activity with the potential to impact critical infrastructure computing networks.
- ICS-CERT Monitor Newsletters (Legacy archive)
Subsequent to ICS-CERT integration with NCCIC, the Monitor Newsletter is no longer published. Previously released Monitor Newsletters can be located by following the link.
- Other Reports
This section includes ICS Technical Information Papers (TIPs), Annual Reports (Year in Review), and other products that NCCIC believes are of interest to persons engaged in protecting industrial control systems.
- MAR-17-352-01 HatMan - Safety System Targeted Malware (Update B)
- NCCIC/ICS-CERT 2016 Annual Vulnerability Coordination Report
- NCCIC/ICS-CERT Advanced Analytical Laboratory Malware Trends White Paper
- NCCIC/ICS-CERT FY 2015 Annual Vulnerability Coordination Report
- NCCIC Year in Review 2017
- Year in Review 2016
- FY2016 Incident Response Pie Charts (addendum to 2016 Year-in-Review)
- Year in Review 2015
- Year in Review 2014
- Year in Review 2013
- ST13-003 : (Security Tip) Handling Destructive Malware
- Year in Review 2012
- Roadmap to Secure Control Systems in the Transportation Sector
- Year in Review 2011
- Catalog of Control Systems Security: Recommendations for Standards Developers
- Common Cyber Security Vulnerabilities in Industrial Control Systems
- Year in Review 2010
- Cyber Security Procurement Language for Control Systems
- Primer Control Systems Cyber Security Framework and Technical Metrics
- Control Systems Communications Encryption Primer
- Critical Infrastructure and Control Systems Security Curriculum
- Securing your SCADA and Industrial Control Systems
- Potential Vulnerabilities in Municipal Communications Networks
- Backdoors and Holes in Network Perimeters: A Case Study for Improving Your Control System Security
- An Undirected Attack Against Critical Infrastructure: A Case Study for Improving your Control System Security
- Destructive Malware
This NCCIC/ICS-CERT white paper highlights a number of the destructive malware families analyzed by ICS-CERT and gives recommendations for victims on the best way to combat each specific family. Length is 4 pages. March 2017.
- WMI For Detection and Response
This NCCIC/ICS-CERT white paper has been temporarily removed from the web site pending resolution of content issues. April 2017.
- Improving the Operation and Development of GPS Equipment Used in Industrial Control Systems
This paper is intended as a Best Practices Guide for improving the operation and development of Global Positioning System (GPS) equipment used in Critical Infrastructure. Length is 21 pages. January 2017.
- Best Practices for Leap Second Event Occurring on 31 December 2016
This paper is intended to assist federal, state, local, and private sector organizations with preparations for Saturday, 31 December 2016 Leap Second Event. Length is 7 pages. October 2016.
- United States Electricity Industry Primer
U.S. Department of Energy. A high-level overview of the U.S. electricity supply chain, including generation, transmission, and distribution; markets and ownership structures, including utilities and regulatory agencies; and system reliability and vulnerabilities. Length is 49 pages. August 2016.
- ACSC Protect Notice, Malicious Email Mitigation Strategies
Australian Cyber Security Centre. This paper presents strategies for mitigating malicious email. Length is 11 pages. July 2016.
- Seven Steps to Effectively Defend Industrial Control Systems
DHS/FBI/NSA. This paper presents seven strategies that can be implemented today to counter common exploitable weaknesses in “as-built” control systems. Length is 6 pages. December 2015.
- Guidelines for Application Whitelisting in Industrial Control Systems
DHS/NSA. This document serves as an appendix to the “Seven Steps to Defend Industrial Control Systems” document, providing additional conceptual-level guidance on implementing application whitelisting. Length is 6 pages. April 2016.
- OCIA—The Future of Smart Cities: Cyber-Physical Infrastructure Risk
The Department of Homeland Security’s Office of Cyber and Infrastructure Analysis (DHS/OCIA) produced this report discussing how the adoption of, and increased reliance on smart technologies might create or increase risks for Smart Cities. Length is 49 pages. August 2015.
- 15 Cybersecurity Fundamentals for Water and Wastewater Utilities
This guide contains dozens of best practices, grouped into 15 main categories, that critical infrastructure organizations can implement to reduce security risks to their IT and OT systems. Each recommendation is accompanied by links to corresponding technical resources, including several Department of Homeland Security resources. Length is 56 pages. June 2019.
- Strategy for Securing Control Systems
Department of Homeland Security (DHS). This DHS document develops and describes a strategy to protect United States critical infrastructure. Length is 128 pages. October 2009.
- ICS Cybersecurity Response to Physical Security Breaches of Unmanned Critical Infrastructure Sites
SANS Institute InfoSec Reading Room. January 2014.
- 21 Steps to Improve Cyber Security of SCADA Networks
Office of Energy Assurance, Office of Independent Oversight and Performance Assurance, U.S. Department of Energy. If you prefer a list of cybersecurity improvements, then read this short, 10-page document.
- Cybersecurity and the Smarter Grid
U.S. Department of Energy Office of Electricity Delivery and Energy Reliability report discussing cybersecurity for the power grid and how DOE and the energy sector are partnering to keep the smart grid reliable and secure. October 2014.
- National SCADA Test Bed (NSTB) Program
Created in 2003, the National SCADA Test Bed (NSTB) is a one-of-a-kind national resource that draws on the integrated expertise and capabilities of the Argonne, Idaho, Lawrence Berkeley, Los Alamos, Oak Ridge, Pacific Northwest, and Sandia National Laboratories to address the cybersecurity challenges of energy delivery systems.
- Cyberspace Policy Review - Assuring a Trusted and Resilient Information and Communications Infrastructure
President Obama ordered a comprehensive review of cybersecurity strategy, policy, and standards as a starting point for developing broad goals to protect cyberspace communication infrastructure. Length is 76 pages. May 2009.
- National Infrastructure Protection Plan - Partnering to Enhance Protection and Resiliency
A plan for protecting critical infrastructure and key resources of the United States is the subject of this document. Length is 188 pages. 2009.
- North American Electric Reliability Council (NERC) Reliability Standards
The Critical Infrastructure Protection (CIP) tab on the NERC web page contains NERC standards for cybersecurity that can be applied to other industries as well.
- Roadmap to Secure Control Systems in the Chemical Sector
Prepared by Chemical Sector Roadmap Working Group, sponsored by the U.S. Department of Homeland Security and the Chemical Sector Coordinating Council. This Chemical Sector working group has developed five goals along with milestones to implementing a cybersecurity strategy. Length is 76 pages. September 2009.
- Top 10 Vulnerabilities of Control Systems and Their Associated Mitigations, 2007
North American Electric Reliability Council Control Systems Security Working Group and U.S. Department of Energy National SCADA Test Bed Program. This short, eight-page document lists 10 top vulnerabilities found in control systems and offers a graded approach to mitigating them. December 7, 2006.
- CISA Fact Sheet - Corporate Leadership Resilient Timing Overview
- CISA Fact Sheet - Technical Level Resilient Timing Overview
- File Hashing
- Improving Industrial Control System Cybersecurity with Defense-in-Depth Strategies
- What is WannaCry/WanaCrypt0r?
- GovDelivery Email Subscription
- NCCIC Industrial Control Systems
- PCII Protections
- Open Source Tools Available To Assess Risks To Internet Facing ICS
- Using YARA for Malware Detection
- Wake Up and Smell the Packets
- Preparing for Cyber Incident Analysis
- So You Think You've Been Compromised
- Strategy for Securing Control Systems
- ICS Cybersecurity for the C-Level