Sophisticated cyber actors and nation-states exploit vulnerabilities to steal information and money and work to develop capabilities to disrupt, destroy, or threaten the delivery of essential services. Defending against these attacks is essential to maintaining the nation’s security. Any cyber-attack, no matter how small, is a threat to our national security and must be identified, managed ...
JCDC unifies cyber defenders from organizations worldwide. This team proactively gathers, analyzes, and shares actionable cyber risk information to enable synchronized, holistic cybersecurity planning, cyber defense, and response.
See Table 2 to Table 4 for all referenced threat actor tactics and techniques in this advisory. The authoring agencies recommend organizations review historical TTPs for similar Iranian-affiliated cyber actor activity in IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including US Water and Wastewater Systems Facilities.
Cybersecurity Advisory: Provides detailed information on cyber threats, including threat actor tactics, techniques, and procedures and indicators of compromise, along with recommended actions for detection, mitigation, and response.
The Department of Homeland Security and its components play a lead role in strengthening cybersecurity resilience across the nation and sectors, investigating malicious cyber activity, and advancing cybersecurity alongside our democratic values and principles.
In December 2025, a malicious cyber actor(s) targeted and compromised operational technology (OT) and industrial control systems (ICS) in Poland’s Energy Sector—specifically renewable energy plants, a combined heat and power plant, and a manufacturing sector company—in a cyber incident. The malicious cyber activity highlights the need for critical infrastructure entities with vulnerable ...
Poland Energy Sector Cyber Incident Highlights OT and ICS ... - CISA
CISA is aware of malicious cyber activity targeting endpoint management systems of U.S. organizations based on the cyberattack against U.S.-based medical technology firm Stryker Corporation, which affected their Microsoft environment. To defend against similar malicious cyber activity, CISA urges organizations to harden endpoint management system configurations using the ...