Best practices for system administrators and other technical staff to enhance Critical Infrastructure, industry, schools, as well as State, Local, Tribal, and Territorial (SLTT) government organizational security posture during remote working conditions.
Home and Business (Resource Page for home and small business networks)
Resource page for teleworkers and small business owners to learn about securing their home and small-business networks.
- Target Audiences: Small/Medium business managers, IT professionals, Home users
- Target Organizations: General public, Small/Medium Business
AA20-345A: Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data
Disruption of distance learning services, ransomware attacks and data theft continue to threaten kindergarten through twelfth grade (K-12) educational institutions. Since March 2020, there have been numerous reports of uninvited users disrupting live video-conferenced classroom sessions and ransomware attacks on these institutions. A Joint Cybersecurity Advisory from CISA, the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) provides an assessment on recent attempts of malicious cyber actors to target schools and how to mitigate these cyber-attacks.
- Target Audiences: Senior cybersecurity managers, system/network engineering staff, administrators
- Target Organizations: Schools
AA20-120A: Microsoft Office 365 Security Recommendations
This Alert is an update to CISA’s May 2019 Analysis Report, AR19-133A: Microsoft Office 365 Security Observations, and reiterates the recommendations related to Microsoft Office 365 (O365) for organizations to review and ensure their newly adopted environment is configured to protect, detect, and respond against would be attackers of O365.
- Target Audiences: Senior cybersecurity managers, system/network engineering staff/administrators
- Target Organizations: Government agencies, SLTT, Small/Medium Business, Critical Infrastructure
Top tips for safely using videoconferencing to ensure employees are only using approved tools and that their home networks are secured.
- Target Audiences: Small/Medium business managers, Federal employees, Teleworkers, Home users
- Target Organizations: General public, Small/Medium Business
Guidance for Securing Video Conferencing
CISA product line with cybersecurity principles and practices that individuals and organizations can follow to video conference more securely.
- Target Audiences: Small/Medium business managers, Federal employees, Teleworkers, Home users
- Target Organizations: General public, Small/Medium Business
Secure Video Conferencing for Schools (Recommendations and Tip Sheet)
CISA product for school district and campus IT administrators charged with securing their IT networks, as well as end users (e.g., teachers) to help them think through cybersecurity issues. A corresponding tip sheet provides guidelines to keep schools, staff, and students safe.
- Target Audiences: Cybersecurity managers, system/network engineering staff/administrators
- Target Organizations: Schools
Cybersecurity Recommendations for Critical Infrastructure Using Video Conferencing
Advisory guidance intended to assist Critical Infrastructure organizations to incorporate cybersecurity considerations when adopting or expanding the use of video conferencing software and related collaboration tools.
- Target Audiences: Senior Cybersecurity managers, system/network engineering staff/administrators
- Target Organizations: Critical Infrastructure
Remediate Vulnerabilities for Internet Accessible Systems
CISA Insights document providing guidance and recommendations to ensure effective and timely remediation of vulnerabilities identified through vulnerability scanning before malicious actors can compromise your networks via exploitable, externally-facing systems.
- Target Audiences: Senior cybersecurity managers, system/network engineering staff/administrators
- Target Organizations: Government agencies, SLTT, Small/Medium Business, Critical Infrastructure
AA20-099A: COVID-19 Exploited by Malicious Cyber Actors
A joint alert from CISA and the United Kingdom’s National Cyber Security Centre (NCSC) that provides information on exploitation by cybercriminal and advanced persistent threat (APT) groups of the current coronavirus disease 2019 (COVID-19) global pandemic.
- Target Audiences: Senior cybersecurity managers, system/network engineering staff/administrators
- Target Organizations: Government agencies, SLTT, Small/Medium Business, Critical Infrastructure
Joint CISA and UK Tip on COVID-19 Cyber Threat Exploitation
This joint product from CISA and the United Kingdom’s National Cyber Security Centre (NCSC) provides practical advice for individuals and organizations on how to defend against COVID-19-related malicious cyber activity.
- Target Audiences: Senior cybersecurity managers, system/network engineering staff/administrators
- Target Organizations: Government agencies, SLTT, Small/Medium Business, Critical Infrastructure
Responding to a Pandemic: Technology Consideration for PSAPS
Public Safety Answering Points (PSAPs) around the country must be prepared for reduced onsite staff due to social distancing measures and increased sick and family medical leave. To learn about unique solutions to this complicated challenge, read one stakeholder’s approach to managing a remote 9-1-1 environment during Covid.
- Target Audiences: Cybersecurity managers, system/network engineering staff/administrators
- Target Organizations: Public Safety Answering Points, Emergency Call/Communications Centers
Building Collective Resilience for the ICT Supply Chain
Protecting the Nation’s critical infrastructure requires a collective, coordinated effort. Individual companies and organizations can follow these steps to build and implement an effective ICT supply chain risk management (SCRM) program to improve their overall security posture.
- Target Audiences: Senior cybersecurity managers, system/network engineering staff/administrators
- Target Organizations: Critical Infrastructure, Information and Communications Technology Supply Chain
AA20-073A: Enterprise VPN Security
Employers are using alternate workplace options during COVID-19, which has increased employers’ reliance on enterprise virtual private network (VPN) solutions to connect employees to an organization’s information technology (IT) network. This CISA Alert helps organizations adopt a heightened state of cybersecurity.
- Target Audiences: Senior cybersecurity managers, system/network engineering staff/administrators
- Target Organizations: Government agencies, SLTT, Small/Medium Business, Critical Infrastructure
ICSA-20-184-02: ABB System 800xA Information Manager
ICS-CERT Advisory detailing identified vulnerability that involves luring a user to a malicious website to potentially cause the Display Services functionality to stop or malfunction. The Advisory provides recommended baseline security practices and firewall configurations to help protect a network and its attached devices from attacks that originate from outside the network.
- Target Audiences: Senior cybersecurity managers, system/network engineering staff/administrators
- Target Organizations: Government agencies, Critical Infrastructure, Industrial Control Systems
AA20-183A: Defending Against Malicious Cyber Activity Originating from Tor
This advisory—written by the Cybersecurity Security and Infrastructure Security Agency (CISA) with contributions from the Federal Bureau of Investigation (FBI)—highlights risks associated with Tor, along with technical details and recommendations for mitigation.
- Target Audiences: Senior cybersecurity managers, system/network engineering staff/administrators
- Target Organizations: Government agencies, SLTT, Small/Medium Business, Critical Infrastructure
AA20-107A: Continued Threat Actor Exploitation Post Pulse Secure VPN Patching
CISA Alert providing an update to a previous alert, which advised organizations to immediately patch CVE-2019-11510—an arbitrary file reading vulnerability affecting Pulse Secure virtual private network (VPN) appliances. This Alert provides new detection methods for this activity, including a CISA-developed tool that helps network administrators search for relevant indicators of compromise (IOCs).
- Target Audiences: Senior cybersecurity managers, system/network engineering staff/administrators
- Target Organizations: Government agencies, SLTT, Small/Medium Business, Critical Infrastructure
AA20-010A: Continued Exploitation of Pulse Secure VPN Vulnerability
CISA Alert highlighting the continued threat to unpatched Pulse Secure VPN servers from malicious actors. The Alert strongly urges users and administrators to upgrade to the corresponding fixes in the face of likely continued attacks.
- Target Audiences: Senior cybersecurity managers, system/network engineering staff/administrators
- Target Organizations: Government agencies, SLTT, Small/Medium Business, Critical Infrastructure
AA20-031A: Detecting Citrix CVE-2019-19781
CISA Alert providing tools and technologies to assist with detecting the presence of cyber network exploitation (CNE) actors who have successfully compromised numerous organizations that employed vulnerable Citrix devices.
- Target Audiences: Senior cybersecurity managers, system/network engineering staff/administrators
- Target Organizations: Government agencies, SLTT, Critical Infrastructure
AA20-126A: APT Groups Target Healthcare and Essential Services
This joint alert from CISA and the United Kingdom’s National Cyber Security Centre (NCSC) addresses indications that advanced persistent threat (APT) groups are exploiting the COVID-19 pandemic as part of their cyber operations. This alert highlights ongoing activity by APT groups against organizations involved in both national and international COVID-19 responses.
- Target Audiences: Senior cybersecurity managers, system/network engineering staff/administrators
- Target Organizations: Government agencies, SLTT, Critical Infrastructure, Healthcare Sector, Schools
ST18-001: Securing Network Infrastructure Devices
Security Tip outlines how to security your organization’s network infrastructure devices, highlights the security threats associated with them, and details several recommendations about how you can improve their security.
- Target Audiences: Cybersecurity managers, system/network engineering staff/administrators
- Target Organizations: Small/Medium Business
ST05-015: Understanding Bluetooth Technology
Security Tip that introduces Bluetooth technology, discusses the concerns associated with it, and outlines ways you can protect yourself from these threats.
- Target Audiences: Small/Medium business managers, teleworkers, home users
- Target Organizations: General public, Small/Medium Business
ST05-003: Securing Wireless Networks
Security Tip addressing how to implement a security strategy to minimize the potential for exploitation of Internet-connected devices (i.e., Internet of Things) in our homes and home offices.
- Target Audiences: Cybersecurity managers, system/network engineering staff/administrators
- Target Organizations: General public, Federal government, SLTT
ST18-247: Securing Enterprise Wireless Networks
Security Tip outlining the security threats to our enterprise wireless networks, the steps we can take to minimize the risks to enterprise Wi-Fi networks, and other recommendations your organization can to take to secure your network.
- Target Audiences: Senior cybersecurity managers, network engineering staff
- Target Organizations: Government agencies, Industry
ST04-020: Protecting Portable Devices: Data Security
Security Tip discussing the importance of protecting the data on your laptop, PDA, or other portable devices.
- Target Audiences: Small/Medium business managers, Federal employees, Teleworkers, Home users
- Target Organizations: General public, Small/Medium Business