If You Are Currently Experiencing a Cyberattack
- Contact your local authorities
- Contact your vendors (phone company, CAD, Records, etc.)
- Implement your cyber response plan (If you don’t have one, you should – read on)
- Contact the Department of Homeland Security National Coordinating Center – National Cybersecurity and Communications Integration Center (DHS NCCIC) at 703-235-5080 or [email protected]
- File a complaint with the FBI Internet Crime and Complaint Center (IC3) at ic3.gov. Include the keywords “PSAP, Public Safety” in the description of the incident.
- Contact APCO at [email protected] (Note: this e-mail address is not monitored 24/7)
Cybersecurity Quick Tip Videos
View short videos with cybersecurity tips and useful information. Additional resources related to each week’s topic follow the videos.
CISA Publishes "Hunting Russian Intelligence 'Snake' Malware" Alert
The Cybersecurity and Infrastructure Security Agency (CISA) published a Joint Cybersecurity Alert this week (https://www.cisa.gov/sites/default/files/2023-05/aa23-129a_snake_malware_1.pdf) that provides background information, detailed technical descriptions, and recommended mitigation strategies. The malware originated in Russia and is considered one of the most sophisticated cyber espionage tools designed by Russia’s Federal Security Service (FSB) for long-term intelligence collection.
The Snake malware is designed to avoid large-scale detection. This Joint Cybersecurity Alert details mitigation strategies and each strategy’s advantages and disadvantages. The mitigation strategies for the Snake malware are:
- Network-Based Detection
- Host-Based Detection
- Memory Analysis
This Joint Cybersecurity Alert is also available on cisa.gov.
CISA Creates Webpage for Apache Log4j Vulnerability
The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (DHS CISA) recently created a website to track and respond to the active, widespread exploitation of a critical remote code execution vulnerability (CVE-2021-44228) affecting Apache Log4j software library versions 2.0-beta9 to 2.14.1.
Log4j is broadly used in a variety of consumer and enterprise services, websites and applications to log security and performance information. An unauthenticated, remote actor could exploit this vulnerability to take control of an affected system. This website aims to provide information such as indicators of compromise (IOC), mitigation procedures and current tactics, techniques and procedures.
CISA urges organizations to review its Apache Log4j Vulnerability Guidance webpage and upgrade to Log4j version 2.15.0, or apply the appropriate vendor-recommended mitigations immediately. CISA will continue to update the webpage as additional information becomes available. APCO encourages you to forward this information to your IT professionals and product vendors to ensure this vulnerability is mitigated within your systems and networks.
Latest Cybersecurity News
The threats we face — digital and physical, man-made, technological, and natural — are more complex, and the threat actors more diverse, than at any point in our history. The US-CERT feed summarizes the most frequent, high-impact types of security incidents currently being reported to the US-CERT.