MPS-ISAO Warning Report, “Malicious Port Security Grant-Themed Email“. The MPS-ISAO received an email sample from a U.S. Port customer this morning, and have confirmed that it is malicious. The distribution list for this port security grant-themed email was over 500. Please click here to see the report for email indicators.
Thanks Lester Millet for the report.
Lester J. Millet III, LEM
Safety Agency Risk Manager / FSO Workgroup Chairman
Port of South Louisiana
DHS Issues 60 Day ICR Notice for CSAT
From Chemical Facility Security News
Yesterday the DHS Cybersecurity and Infrastructure Security Agency, the agency that oversees the CFATS program, published a 60-day Information Collection Request (ICR) notice for revisions to the Chemical Security Assessment Tool (CSAT). The notice is intended to revise collection and burden estimates for data collection using CSAT 2.0.
Also included in yesterday’s ICR notice is a detailed review of the risk identification tool, Identification of Additional Facilities and Assets at Risk, that DHS is using to collect data during compliance inspections. At facilities that ship and receive COIs, the facilities are requested to voluntarily provide information on:
- Shipping and/or receiving procedures
- Invoices and receipts
- Company names and locations that COI is shipped and/or received from
Facilities that are identified has having SCADA, DCS, PCS, or ICS systems are requested to voluntarily provide information on:
- Details on the system(s) that controls, monitors, and/or manages small to large production systems as well as how the system(s) operates.
- If it is standalone or connected to other systems or networks and document the specific brand and name of the system(s)
Thanks to PJ Coyle for the information on this ICR. To read a more detailed review of the ICR, click here. While there, subscribe the PJ’s blog.