Region 2 VPP Sites:
The Cybersecurity and Infrastructure Security Agency's (CISA) Chemical Security Assessment Tool (CSAT) was the target of a cybersecurity intrusion by a malicious actor from January 23-24, 2024.
Please see the CISA email below for more information and upcoming stakeholder webinars.
Thank you for participating in the Voluntary Protection Program.
--
"The Cybersecurity and Infrastructure Security Agency's (CISA) Chemical Security Assessment Tool (CSAT) was the target of a cybersecurity intrusion by a malicious actor from January 23-24, 2024. While CISA's investigation found no evidence of exfiltration of data, this may have resulted in the potential unauthorized access of Top-Screen surveys, Security Vulnerability Assessments, Site Security Plans, Personnel Surety Program submissions, and CSAT user accounts.
Following the reporting requirements under the Federal Information Security Modernization Act (FISMA), CISA is notifying participants in the Chemical Facility Anti-Terrorism Standards (CFATS) program about the intrusion and the potentially impacted information. CISA is encouraging facilities to maintain cybersecurity and physical security measures according to normal procedures.
In addition to direct facility notification and individual notifications provided by facilities for impacted individuals, CISA has also notified potentially impacted individuals of the incident and published cisa.gov/csat-notification with additional updates, as available.
CISA is hosting two webinars for stakeholders during which we will review the information provided in the frequently asked questions. The webinars will be held on Monday, June 24, 2024, at 2:30 pm ET (11:30 am PT) and Tuesday, July 9, 2024, at 2:30 pm ET (11:30 am PT). Both webinars will cover the same material.
Register for June 24, 2024, Webinar
Register for July 9, 2024, Webinar
Questions about this incident by chemical facilities or their third-party partners should be addressed to CISA Chemical Security at CFATS.Notifications@cisa.dhs.gov. Potentially impacted individuals should review the webpage for additional tools and resources."
Comments