National Public Safety Telecommunications Council
People and Vehicles : Firefighter, Policeman, Police cruiser, Ambulance
Vehicles : Fire truck, Ambulance, Police boat
People : Policemen
Towers : Towers on a ridge
Computers : monitor array
Home
Current Topics
Organization
Committees
Events-Meetings
Participate-Volunteer
Resources
About Us
Library
SAFECOM Cybersecurity Advisory – BlackMatter Ransomware, GPS Bug, and VPN Solutions
October 27, 2021
SAFECOM Cybersecurity Advisory Banner
We would like to bring attention to the following alerts and notifications that may require action by your organization:
  • CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) released a joint Cybersecurity Advisory (CSA) on BlackMatter Ransomware.  Since July 2021, malicious cyber actors have used BlackMatter ransomware to target multiple U.S. critical infrastructure entities.  To reduce the risk of BlackMatter ransomware, CISA, FBI, and NSA encourage organizations to implement the recommended mitigations in the joint CSA and visit StopRansomware.gov for more information on protecting against and responding to ransomware attacks.
  • Critical Infrastructure owners and operators who obtain Coordinated Universal Time (UTC) from Global Positioning System (GPS) devices, should be aware of a GPS Daemon (GPSD) bug in GPSD versions 3.20 (released December 31, 2019) through 3.22 (released January 8, 2021).  On October 24, 2021, Network Time Protocol (NTP) servers using bugged GPSD versions 3.20–3.22 may roll back the date 1,024 weeks – to March 2002 – which may cause systems and services to become unavailable or unresponsive.  CISA urges affected critical infrastructure owners and operators to ensure systems that use GPSD to obtain timing information from GPS devices are using GPSD version 3.23 (released August 8, 2021) or newer editions to ensure operational continuity.
  • NSA and CISA have released the cybersecurity information sheet Selecting and Hardening Standards-based Remote Access VPN Solutions to address the potential security risks associated with using Virtual Private Networks (VPNs).  Remote-access VPN servers allow off-site users to tunnel into protected networks, making these entry points vulnerable to exploitation by malicious cyber actors.  The information sheet helps organizations select standards-based (rather than proprietary) VPN solutions and provides hardening guidance to prevent compromise and respond to attacks.  Organizations are encouraged to review and adopt recommendations in the information sheet to reduce risk.
    • We also strongly encourage you to sign up for U.S. Computer Emergency Readiness Team (US-CERT) alerts at us-cert.cisa.gov to receive timely, important updates.  Visit cisa.gov/publication/communications-resiliency for additional cyber and communications resiliency resources.
    Cybersecurity and Infrastructure Security Agency
    Defend Today Secure Tomorrow
    CISA Logo
    NPSTC is a federation of organizations whose mission is to improve public safety communications and interoperability through collaborative leadership
    Home  |  Have a Voice in Public Safety  |  Calendar  |  Contact Us  |  FAQs  |  Site Map  |  Admin Login
    Full View
    Copyright © 2005-2024.  National Public Safety Telecommunications Council.  All rights reserved.