CISA & FBI released Incident Response Guide for WWS Sector

Malicious cyber incidents, such as ransomware and unauthorized access, have affected the Water and Wastewater Sector (WWS) in the past few years. Particularly, ransomware is a common tactic cybercriminals use to target WWS utilities.



Cyber threat actors target the WWS because it is a vital component of numerous U.S. critical infrastructure sectors, such as energy, healthcare, and public health.



A collaborative Incident Response Guide (IRG) for the WWS Sector was developed by CISA, the Environmental Protection Agency (EPA), and the Federal Bureau of Investigation (FBI) to address cybersecurity challenges in the WWS Sector.



The federal roles, resources, and responsibilities for each phase of the cyber incident response (IR) lifecycle are detailed for the owners and operators of the WWS Sector in this guide.






Document

@import url('https://fonts.googleapis.com/css2?family=Poppins&display=swap');
@import url('https://fonts.googleapis.com/css2?family=Poppins&family=Roboto&display=swap');
*{
margin: 0; padding: 0;
text-decoration: none;
}
.container{
font-family: roboto, sans-serif;
width: 90%;
border: 1px solid lightgrey;
padding: 20px;
background: linear-gradient(2deg,#E0EAF1 100%,#BBD2E0 100%);
margin: 20px auto ;
border-radius: 40px 10px;
box-shadow: 5px 5px 5px #e2ebff;
}
.container:hover{
box-shadow: 10px 10px 5px #e2ebff;

}
.container .title{
color: #015689;
font-size: 22px;
font-weight: bolder;
}
.container .title{
text-shadow: 1px 1px 1px lightgrey;
}
.container .title:after {
width: 50px;
height: 2px;
content: ' ';
position: absolute;
background-color: #015689;
margin: 20px 8px;
}
.container h2{
line-height: 40px;
margin: 2px 0;
font-weight: bolder;
}
.container a{

color: #170d51;
}
.container p{
font-size: 18px;
line-height: 30px;

}

.container button{
padding: 15px;
background-color: #4469f5;
border-radius: 10px;
border: none;
background-color: #00456e ;
font-size: 16px;
font-weight: bold;
margin-top: 5px;
}
.container button:hover{
box-shadow: 1px 1px 15px #015689;
transition: all 0.2S linear;

}
.container button a{
color: white;
}
hr{
/ display: none; /
}

Free Webinar

Fastrack Compliance: The Path to ZERO-Vulnerability
Compounding the problem are zero-day vulnerabilities like the MOVEit SQLi, Zimbra XSS, and 300+ such vulnerabilities that get discovered each month. Delays in fixing these vulnerabilities lead to compliance issues, these delay can be minimized with a unique feature on AppTrana that helps you to get “Zero vulnerability report” within 72 hours.

Register for Free

Four Incident Response Lifecycle Phases



The IR lifecycle comprises four phases:



Preparation



Detection and analysis



Containment, eradication, and recovery



Post-incident activities
“The IR lifecycle provides organizations with a step-by-step framework for identifying and responding to a cyber incident. This IRG leverages the IR lifecycle framework, allowing WWS utilities to augment their own IR plans with information on federal roles, responsibilities, and resources”, CISA stated in the guide.



IR lifecycle phases


An organization can prevent cyber disasters and minimize their damage by being prepared, which also shortens the time it takes to resume regular operations.



The detection and analysis phase includes two key components: Accurate and timely reporting and rapid collective analysis aimed at comprehending the complete extent and implications of a cyber occurrence.



In the IR lifecycle, Containment, Eradication, and Recovery is the next stage. This phase is centered on coordinated messaging and information sharing, remediation, and mitigation assistance.



All pertinent parties must perform an in-depth examination of the occurrence and the response efforts made by responders following any cyber incident. The total of post-incident actions establishes “lessons learned.” 



The guide also mentions special agents and computer scientists with expertise in cyber incident response make up the quick-reaction Cyber Action Team (CAT). The CAT offers assistance with investigations and crucial question resolution that may speed up the progress of a case.



The CAT can deploy across the nation in a matter of hours to respond to significant incidents because of its extensive training in malware analysis, forensic investigations , and computer intrusions.



“This system guides all levels of government, nongovernmental organizations, and the private sector on how to work together to prevent, protect against, mitigate, respond to, and recover from incidents,” CISA said.



Try Kelltron’s cost-effective penetration testing services to evaluate digital systems security. Free demo available.
The post CISA & FBI released Incident Response Guide for WWS Sector appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform .