Joint Statement on SolarWinds Compromise by the FBI, CISA and the Office of the Director of National Intelligence (ODNI)
Over the course of the past several days, the FBI, CISA, and ODNI have become aware of a significant and ongoing cybersecurity campaign. Pursuant to Presidential Policy Directive (PPD) 41, the FBI, CISA, and ODNI have formed a Cyber Unified Coordination Group (UCG) to coordinate a whole-of-government response to this significant cyber incident. Please review this announcement for the SolarWinds Compromise.
COVID 19 And The Support Of Remote Work Environments For Law Enforcement In Texas
Our law enforcement personnel and services are critical to everything we do in providing responses to emergencies and to our local communities, friends and family. In our efforts to lessen the impact as much as we can and continue to provide the level of service and support necessary, we often rely on technology. As law enforcement, charged with protecting and processing highly sensitive information, we want to remind all law enforcement of the requirements and responsibilities unique to our data and systems. We have created the Telecommuting Tips For Law Enforcement Within Texas document to assist agencies with remote work environments during this time.
The FBI CJIS Security Policy requires agencies to employ virus protection mechanisms to protect against malicious code which could be used to compromise sensitive systems.
18.104.22.168 Malicious Code Protection states in part:
The agency shall employ virus protection mechanisms to detect and eradicate malicious code (e.g., viruses, worms, Trojan horses) at critical points throughout the network and on all workstations, servers and mobile computing devices on the network. The agency shall ensure malicious code protection is enabled on all of the aforementioned critical points and information systems and resident scanning is employed.
The DPS does not endorse specific products or vendors to fulfill this CJIS requirement. However, several news outlets have recently reported that FBI counterintelligence is advising portions of the private sector to move away from Kaspersky products. In addition, the General Services Administration (GSA) has removed Kaspersky Labs from its list of approved vendors over fears the Russian-owned cybersecurity company represents an undue risk to U.S. interests. These concerns have been focused primarily on the energy sector and those systems which support infrastructure. However, in light of these recent security concerns, DPS would encourage agencies subject to the CJIS security policy to consider finding alternatives to meet the requirements referencing Malicious Code Protection.
DPS encourages criminal justice agencies to exercise good judgement and practice sound risk management as it relates to securing the access to sensitive systems across the State of Texas and the Nation.
CryptoLocker ransomware has been prevalent throughout the world, infecting computer systems. We are issuing this Security Advisory to give the law enforcement community practical information to curtail and help dismantle this ransomware. The Decrypt CryptoLocker Ransomware link provides a possible solution to decrypt files encrypted by CryptoLocker, and the Ransomware Tips link provides further resources.