<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Microsoft Sans Serif";
panose-1:2 11 6 4 2 2 2 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
p.cs2654ae3a, li.cs2654ae3a, div.cs2654ae3a
{mso-style-name:cs2654ae3a;
margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
p.cs15b7ae4b, li.cs15b7ae4b, div.cs15b7ae4b
{mso-style-name:cs15b7ae4b;
margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Arial",sans-serif;
color:black;}
span.EmailStyle20
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.csc8f6d761
{mso-style-name:csc8f6d761;
font-family:"Calibri",sans-serif;
color:black;
font-weight:normal;
font-style:normal;}
span.cscca9035d1
{mso-style-name:cscca9035d1;
font-family:"Calibri",sans-serif;
color:blue;
font-weight:normal;
font-style:normal;
text-decoration:underline;}
span.cs7088c2d41
{mso-style-name:cs7088c2d41;
font-family:"Calibri",sans-serif;
color:#1F497D;
font-weight:normal;
font-style:normal;
text-decoration:underline;}
span.cs23fb06641
{mso-style-name:cs23fb06641;
font-family:"Times New Roman",serif;
color:black;
font-weight:normal;
font-style:normal;}
span.csb31e3c811
{mso-style-name:csb31e3c811;
font-family:"Times New Roman",serif;
color:#1F497D;
font-weight:normal;
font-style:normal;}
span.cs1befe4a51
{mso-style-name:cs1befe4a51;
font-family:"Times New Roman",serif;
color:blue;
font-weight:normal;
font-style:normal;
text-decoration:underline;}
span.csedbfcf261
{mso-style-name:csedbfcf261;
font-family:"Microsoft Sans Serif",sans-serif;
color:black;
font-weight:normal;
font-style:normal;}
span.EmailStyle28
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:#1F497D;}
span.EmailStyle29
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:1121800467;
mso-list-template-ids:333886118;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1
{mso-list-id:1302612463;
mso-list-template-ids:411840772;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l1:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#1F497D">Good morning,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">You should be receiving the below information directly from ODE, but it is not clear if they are using the new state technology coordinators Open Space to send this information, or if they will use another contact
method. If you haven’t registered for the new Technology Coordinators resource (that will be replacing the technology coordinators’ listserv), you can do that here:
</span><span style="color:#1F497D"><a href="https://openspace.infohio.org/groups/ohio-technology-coordinator-group/135/">https://openspace.infohio.org/groups/ohio-technology-coordinator-group/135/</a><o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Below is some current cyber security information and warnings from CISA.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Thanks,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Thor<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<div>
<p class="MsoNormal"><span style="color:#1F497D">Thor Sage<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Executive Director<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Miami Valley Educational Computer Association<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">937-767-1468 x3101<o:p></o:p></span></p>
<p class="MsoNormal"><a href="http://www.mveca.org/"><span style="color:#1F497D;text-decoration:none"><img border="0" width="174" height="64" style="width:1.8125in;height:.6666in" id="_x0000_i1029" src="cid:image003.jpg@01D831FE.2D2C93E0" alt="http://www.mveca.org/images/logo.gif"></span></a><span style="color:#1F497D">
</span><a href="https://www.linkedin.com/company/mveca/"><span style="color:#1F497D;text-decoration:none"><img border="0" width="32" height="32" style="width:.3333in;height:.3333in" id="_x0000_i1028" src="cid:image004.jpg@01D831FE.2D2C93E0" alt="i"></span></a><a href="https://twitter.com/mvecarcog"><span style="color:#1F497D;text-decoration:none"><img border="0" width="32" height="32" style="width:.3333in;height:.3333in" id="Picture_x0020_2" src="cid:image005.jpg@01D831FE.2D2C93E0" alt="t"></span></a><span style="color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><i><span style="color:#1F497D">Not-for-profit Technology Services for Education and Local Governments<o:p></o:p></span></i></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
</div>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<div>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs15b7ae4b" style="margin-left:.5in;text-indent:-.25in;mso-list:l1 level1 lfo3">
<![if !supportLists]><span style="font-size:10.0pt;font-family:Symbol"><span style="mso-list:Ignore">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><![endif]><span class="csc8f6d761">DO NOT download anything down from Github or anywhere else on Conti or Conti leaks…there is a STEALTH BACKDOOR(Backdoor.WebShell/ASP!1.D3D8 (CLASSIC) attached to some of it!
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">While there are no current specific credible threats to the U.S. homeland, current geopolitical activities have highlighted the importance of staying vigilant and taking appropriate steps to reduce vulnerabilities
whenever possible. With that said, below are some resources CISA would like to highlight.
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">CISA Shields Up Website</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">Shields Up | CISA </span><span class="cscca9035d1"><a href="https://www.cisa.gov/shields-up" target="_blank">https://www.cisa.gov/shields-up</a></span><span class="csc8f6d761">
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">This page consolidates CISA’s published resources on cyber threats related to the current geopolitical tensions. It is designed to help critical infrastructure owners and operators mitigate possible cyber threats
and strengthen their cybersecurity posture. </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">Alert (AA22-057): Destructive Malware Targeting Organizations in Ukraine</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">Destructive Malware Targeting Organizations in Ukraine | CISA
</span><span class="cscca9035d1"><a href="https://www.cisa.gov/uscert/ncas/alerts/aa22-057a" target="_blank">https://www.cisa.gov/uscert/ncas/alerts/aa22-057a</a></span><span class="csc8f6d761">
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">A joint advisory with CISA and the FBI which provides information on WhisperGate and HermeticWiper malware. Open-source indicators of compromise (IOCs) for organizations to detect and prevent the malware. Additionally,
this joint CSA provides recommended guidance and considerations for organizations to address as part of network architecture, security baseline, continuous monitoring, and incident response practices.</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">Alert (AA22-054A): New Sandworm Malware Cyclops Blink replaces VPNFilter.</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">New Sandworm Malware Cyclops Blink Replaces VPNFilter | CISA
</span><span class="cscca9035d1"><a href="https://www.cisa.gov/uscert/ncas/alerts/aa22-054a" target="_blank">https://www.cisa.gov/uscert/ncas/alerts/aa22-054a</a></span><span class="csc8f6d761">
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">A joint cybersecurity advisory with the U.K. National Cyber Security Centre (NCSC), FBI, and NSA about the Cyclops Blink malware used by the threat actor known as Sandworm or Voodoo Bear. Sandworm has been previously
attributed to Russian actors. Cyclops Blink appears to be a replacement framework for the VPNFilter malware exposed in 2018, which exploited network devices, primarily small office/home routers and network attached storage devices.</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">MIS, DIS, MALINFORMATION</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure
</span><span class="cscca9035d1"><a href="https://www.cisa.gov/sites/default/files/publications/cisa_insight_mitigating_foreign_influence_508.pdf" target="_blank">https://www.cisa.gov/sites/default/files/publications/cisa_insight_mitigating_foreign_influence_508.pdf</a></span><span class="csc8f6d761">
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">Malicious actors use influence operations, including tactics like misinformation, disinformation, and malinformation (MDM), to shape public opinion, undermine trust, amplify division, and sow discord.</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">This CISA Insights product is intended to ensure that critical infrastructure owners and operators are aware of the risks of influence operations leveraging social media and online platforms.</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">Alert (AA22-047A): Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology | CISA
</span><span class="cscca9035d1"><a href="https://www.cisa.gov/uscert/ncas/alerts/aa22-047a" target="_blank">https://www.cisa.gov/uscert/ncas/alerts/aa22-047a</a></span><span class="csc8f6d761">
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">A joint cybersecurity advisory with the FBI and the NSA about Russian state-sponsored cyber actors targeting cleared defense contractors in the United States; includes detection and mitigation recommendations to
reduce the risk of data exfiltration. </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"><span lang="ES">CISA Insights (2022)</span></span><span lang="ES"><o:p></o:p></span></p>
<p class="cs2654ae3a"><span class="csc8f6d761"><span lang="ES"> </span></span><span lang="ES"><o:p></o:p></span></p>
<p class="cs2654ae3a"><span class="csc8f6d761"><span lang="ES">CISA Insights | CISA
</span></span><span class="cscca9035d1"><a href="https://www.cisa.gov/insights" target="_blank"><span lang="ES">https://www.cisa.gov/insights</span></a></span><span class="csc8f6d761">
</span><span lang="ES"><o:p></o:p></span></p>
<p class="cs2654ae3a"><span class="csc8f6d761"><span lang="ES"> </span></span><span lang="ES"><o:p></o:p></span></p>
<p class="cs2654ae3a"><span class="csc8f6d761">Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats - An executive-level product that recommends urgent, near-term steps to reduce the likelihood and impact of a potentially damaging
compromise. Additional CISA Insights which have been published are also available on this page.</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> Alert (AA22-011A): Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure | CISA
</span><span class="cscca9035d1"><a href="https://www.cisa.gov/uscert/ncas/alerts/aa22-011a" target="_blank">https://www.cisa.gov/uscert/ncas/alerts/aa22-011a</a></span><span class="csc8f6d761">
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">A joint cybersecurity advisory with the FBI and NSA about the Russian threat to critical infrastructure, including specific tactics, techniques, and procedures associated with Russian actors.</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">Known Exploited Vulnerabilities Catalog</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">Known Exploited Vulnerabilities Catalog | CISA
</span><span class="cscca9035d1"><a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog" target="_blank">https://www.cisa.gov/known-exploited-vulnerabilities-catalog</a></span><span class="csc8f6d761">
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">A living list of vulnerabilities which have been known to be exploited. It was recently updated to include CVE-2022-23131 Zabbix Frontend Authentication Bypass Vulnerability and CVE-2022-23134 Zabbix Frontend
Improper Access Control Vulnerability.</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">CISA Catalog of Free Cybersecurity Services and Tools
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">Free Cybersecurity Services and Tools | CISA
</span><span class="cscca9035d1"><a href="https://www.cisa.gov/free-cybersecurity-services-and-tools" target="_blank">https://www.cisa.gov/free-cybersecurity-services-and-tools</a></span><span class="csc8f6d761">
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">A list of CISA services, non-proprietary software tools available online, and free services offered by trusted private sector partners.</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"><span lang="FR">CISA Cyber Resource Hub
</span></span><span lang="FR"><o:p></o:p></span></p>
<p class="cs2654ae3a"><span class="csc8f6d761"><span lang="FR"> </span></span><span lang="FR"><o:p></o:p></span></p>
<p class="cs2654ae3a"><span class="csc8f6d761"><span lang="FR">Cyber Resource Hub | CISA
</span></span><span class="cscca9035d1"><a href="https://www.cisa.gov/cyber-resource-hub" target="_blank"><span lang="FR">https://www.cisa.gov/cyber-resource-hub</span></a></span><span class="csc8f6d761">
</span><span lang="FR"><o:p></o:p></span></p>
<p class="cs2654ae3a"><span class="csc8f6d761"><span lang="FR"> </span></span><span lang="FR"><o:p></o:p></span></p>
<p class="cs2654ae3a"><span class="csc8f6d761">A comprehensive list of the no-cost cybersecurity assessments CISA offers upon request to help organizations evaluate operational resilience, cybersecurity practices, organizational management of external dependencies,
and other key elements of a robust and resilient cyber framework.</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">Multi-State Information Sharing and Analysis Center (MS-ISAC) and the Election Infrastructure Information Sharing and Analysis Center (EI-ISAC)
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">MS-ISAC (cisecurity.org) </span><span class="cscca9035d1"><a href="https://www.cisecurity.org/ms-isac" target="_blank">https://www.cisecurity.org/ms-isac</a></span><span class="csc8f6d761">
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">Funded by CISA, the MS-ISAC and EI-ISAC serve as no-cost resources for situational awareness, best practices, information sharing, and incident response for SLTT government entities. Register now for the MS-ISAC
(</span><span class="cscca9035d1"><a href="https://learn.cisecurity.org/ms-isac-registration" target="_blank">https://learn.cisecurity.org/ms-isac-registration</a></span><span class="csc8f6d761">
</span><span class="cscca9035d1"><a href="https://learn.cisecurity.org/ms-isac-registration" target="_blank">https://learn.cisecurity.org/ms-isac-registration</a></span><span class="csc8f6d761"> ) and the EI-ISAC (</span><span class="cscca9035d1"><a href="https://learn.cisecurity.org/ei-isac-registration" target="_blank">https://learn.cisecurity.org/ei-isac-registration</a></span><span class="csc8f6d761">
</span><span class="cscca9035d1"><a href="https://learn.cisecurity.org/ei-isac-registration" target="_blank">https://learn.cisecurity.org/ei-isac-registration</a></span><span class="csc8f6d761"> ).
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> Malicious Domain Blocking and Reporting
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">Malicious Domain Blocking and Reporting (MDBR) (cisecurity.org)
</span><span class="cscca9035d1"><a href="https://www.cisecurity.org/ms-isac/services/mdbr" target="_blank">https://www.cisecurity.org/ms-isac/services/mdbr</a></span><span class="csc8f6d761">
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">A no-cost protective Domain Name System (DNS) resolver service provided by the MS-ISAC and funded by CISA; blocks malicious DNS requests while keeping state and local partners informed through regular reports.
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">Endpoint Detection and Response </span>
<o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">Election Security Spotlight – Endpoint Detection and Response (EDR) (cisecurity.org)
</span><span class="cscca9035d1"><a href="https://www.cisecurity.org/insights/spotlight/cybersecurity-spotlight-endpoint-detection-and-response-edr" target="_blank">https://www.cisecurity.org/insights/spotlight/cybersecurity-spotlight-endpoint-detection-and-response-edr</a></span><span class="csc8f6d761">
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">A service provided by the MS-ISAC and funded by CISA to help SLTT entities involved in managing elections maintain awareness of and isolate malicious activity that may be impacting workstations, servers, and other
network endpoints, including malware and ransomware. This program is currently only available to SLTT election organizations.
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">Real-Time Indicator Feeds </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">Real-Time Indicator Feeds (cisecurity.org)
</span><span class="cscca9035d1"><a href="https://www.cisecurity.org/ms-isac/services/real-time-indicator-feeds" target="_blank">https://www.cisecurity.org/ms-isac/services/real-time-indicator-feeds</a></span><span class="csc8f6d761">
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">A service provided by the MS-ISAC and funded by CISA that provides real-time cyber threat intelligence indicator feeds that are easy to implement and available for free to SLTT entities.</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">In the event of a cyber incident, CISA may be able to offer assistance to victim organizations and use information from incident reports to protect other possible victims. CISA urges stakeholders to lower their
thresholds for reporting potential incidents and anomalous activity. </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">All organizations should report incidents and anomalous activity to CISA via 24/7 CISA Central
</span><span class="cscca9035d1"><a href="mailto:central@cisa.dhs.gov" target="_blank">central@cisa.dhs.gov</a></span><span class="csc8f6d761">
</span><span class="cscca9035d1"><a href="mailto:central@cisa.dhs.gov" target="_blank">mailto:central@cisa.dhs.gov</a></span><span class="csc8f6d761"> ; (888) 282-0870) or your local field personnel (Cybersecurity Advisors, Protective Security Advisors, Emergency
Communications Coordinator, etc.). You can also reports incidents and anomalies to our partners at the FBI via your local FBI field office or the FBI’s 24/7 CyWatch at (855) 292-3937 and
</span><span class="cscca9035d1"><a href="mailto:CyWatch@fbi.gov" target="_blank">CyWatch@fbi.gov</a></span><span class="csc8f6d761">
</span><span class="cscca9035d1"><a href="mailto:CyWatch@fbi.gov" target="_blank">mailto:CyWatch@fbi.gov</a></span><span class="csc8f6d761"> .
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761">The current geopolitical activities are fluid and subject to change. We will continue to provide information as it becomes available.
</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csc8f6d761"> </span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="cs7088c2d41">________________________________________</span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="cs23fb06641"><span style="font-size:12.0pt">Very respectfully,</span></span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csb31e3c811"><span style="font-size:12.0pt">Terin D. Williams</span></span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="cs23fb06641"><span style="font-size:12.0pt">Cybersecurity Advisor, Region 5 (OH)</span></span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="cs23fb06641"><span style="font-size:12.0pt">Cybersecurity and Infrastructure Security Agency
</span></span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="cs23fb06641"><span style="font-size:12.0pt">614.314.7793 |
</span></span><span class="cs1befe4a51"><span style="font-size:12.0pt"><a href="mailto:terin.williams@cisa.dhs.gov" target="_blank">terin.williams@cisa.dhs.gov</a></span></span><o:p></o:p></p>
<p class="cs2654ae3a"><span class="csedbfcf261"><span style="font-size:8.0pt"><a href="https://www.cisa.gov/" target="_blank"><span style="font-size:12.0pt;font-family:"Calibri",sans-serif;color:black;text-decoration:none"><img border="0" width="96" height="96" style="width:1.0in;height:1.0in" id="_x0000_i1025" src="cid:image001.png@01D831F8.AAADFFD0"></span></a></span></span><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="border:none;border-bottom:solid windowtext 1.0pt;padding:0in 0in 1.0pt 0in">
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<p class="MsoNormal">Missy<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><b><span style="font-size:14.0pt;color:#00ACCD">Melissa Balbaugh</span></b><span style="font-size:14.0pt;color:#00ACCD"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:black">Director of Customer Service & Support<o:p></o:p></span></p>
<p class="MsoNormal"><b><i><span style="color:black">The Management Council</span></i></b><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:14.0pt;color:black"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span style="color:#00ACCD">– Connect with Me –</span></b><span style="color:#00ACCD"><o:p></o:p></span></p>
<p class="MsoNormal"><b><span lang="ES" style="color:#00ACCD">m</span></b><span lang="ES">:
<span style="color:black">419.204.6430 | </span><b><span style="color:#00ACCD">o</span></b>:
<span style="color:black">614.840.9810<o:p></o:p></span></span></p>
<p class="MsoNormal"><span style="color:black"><a href="mailto:melissa.balbaugh@managementcouncil.org"><span lang="ES">melissa.balbaugh@managementcouncil.org</span></a></span><span lang="ES" style="color:black"> |
</span><span style="color:black"><a href="http://www.mcoecn.org/"><span lang="ES">mcoecn.org</span></a></span><span lang="ES" style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="ES" style="font-size:14.0pt;color:black"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="ES" style="color:black"> </span><span style="color:black"><img border="0" width="168" height="99" style="width:1.75in;height:1.0312in" id="Picture_x0020_1" src="cid:image002.png@01D831F8.AAADFFD0"></span><span style="font-size:12.0pt"><o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
</body>
</html>