The South Carolina Critical Infrastructure Cybersecurity (SC CIC) threat intelligence program is designed to enhance the existing network protections of South Carolina’s critical infrastructure organizations. With a strategy of utilizing curated products and services while conducting ongoing technical analysis and review, threat intelligence is provided at no additional cost to participants.

SC CIC delivers intelligence with a multi-faceted approach to adapt to the ever-changing cyber threat ecosystem. Publicly accessible assets and configurations are inventoried to protect organizations and their collective external attack surfaces. This also allows the setup of real-time alerts to identify possible misconfigurations and vulnerabilities that appear on these assets in the future. Suspicious and possibly malicious websites are additionally investigated, including code, connected servers, outgoing links, and file content.

Another part of the SC CIC threat intelligence toolbox is monitoring and alerting on mentions of participants found in dark web markets, underground forums, and other cybercriminal shops. This monitoring identifies things such as network access being sold, exfiltrated data being shared, or leaked credentials being shared in open, deep, and dark web forums, markets, and sites. This continuous cataloging uncovers the tactics being used in the malware delivery and phishing scam industries, while providing invaluable data on emerging trends in the state.

One of the larger successes of SC CIC’s threat intelligence program is the facilitation of two-way information sharing that relies on relationships and trust built over the years. Participants share valuable insights into the threats and challenges critical infrastructure organizations are encountering, with the utmost priority given to the privacy and retention of control over identifiable data. The data is anonymized and aggregated into reports to uncover patterns across the state and sectors. The reports are then shared back through customized bulletins and alerts to all participants, as well as with state and federal partners. As this methodology has been refined, SC CIC now often provides the initial notification of emerging threats, further strengthening the threat intelligence and information sharing ecosystem that has been created.

“Our threat intelligence program aims to provide actionable, straightforward information that enables organizations to take immediate steps leading to an increase in their security posture.”
–Ryan Truskey, SC CIC Director

If you represent a critical infrastructure organization and are interested in any of the SC CIC services, please complete the Join SC CIC form here.