485257285 | Adobe Stock
667593ea285d86f6b23dcce1 Adobestock 485257285

Hackers target CISA’s chemical security portal

June 21, 2024
Cybersecurity and Infrastructure Security Agency’s investigation finds no evidence of stolen data, but intruders may have accessed critical information, agency reports

The Cybersecurity and Infrastructure Security Agency (CISA) reports its Chemical Security Assessment Tool (CSAT) recently was the target of a cybersecurity intrusion by a malicious actor.

While CISA’s investigation found no evidence of exfiltration of data, the Jan. 23-24 intrusion may have resulted in the potential unauthorized access of Top-Screen surveys, Security Vulnerability Assessments, Site Security Plans, Personnel Surety Program submissions, and CSAT user accounts, the agency said.

Following the reporting requirements under the Federal Information Security Modernization Act (FISMA), CISA notified participants in the Chemical Facility Anti-Terrorism Standards (CFATS) program about the intrusion and the potentially impacted information. CISA is encouraging facilities to maintain cybersecurity and physical security measures according to normal procedures. 

In addition to direct facility notification and individual notifications provided by facilities for impacted individuals, CISA also notified potentially impacted individuals of the incident and published a cisa.gov/csat-notification that will have additional updates.

CISA is hosting two webinars for stakeholders during which the agency will review information provided in the frequently asked questions. The webinars will be held at 2:30 p.m. EST June 24 and 2:30 p.m. EST July 9. Both webinars will cover the same material.

Questions about this incident by chemical facilities or their third-party partners should be addressed to CISA Chemical Security at [email protected]. Potentially impacted individuals should review the webpage for additional tools and resources.

About the Author

BT staff