NSA issues guidance to defend against PRC-affiliated threat actor
On December 3, the National Security Agency (NSA) joined the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and others in releasing guidance for monitoring networks and hardening devices in response to exploitation of major global telecommunications providers by a People’s Republic of China (PRC)-affiliated threat actor.
The Cybersecurity Information Sheet (CSI), “Enhanced Visibility and Hardening Guidance for Communications Infrastructure,” provides defensive measures to strengthen visibility – detailed insight into network traffic, user activity, and data flow – for engineers and system administrators overseeing communications infrastructure. The guidance may also be applicable to organizations with on-premises enterprise equipment. The CSI also covers hardening of devices and network architecture to limit potential entry points for this type of cyber threat.
“Vigilance is key for defending against network compromise,” said Dave Luber, NSA cybersecurity director. “Always have eyes on your systems and patch and address known vulnerabilities before they become targets.”
The malicious cyber activity referenced in the CSI targeted exposed and vulnerable services, unpatched devices, and generally under-secured environments. The CSI recommends enhancing visibility for edge devices at network perimeters by logging all configuration changes and management connections and alerting on any unexpected ones. It also highlights numerous hardening best practices, including disabling all unused, unauthenticated, or unencrypted protocols; using and storing passwords securely; limiting management connections and privileged accounts; patching and upgrading devices in a timely manner; and allowing only strong cryptography.
The CSI also notes specific hardening best practices for Cisco operating systems, which were targeted by the PRC-affiliated threat actor.
Source: NSA
IC News delivers the situational awareness you need to get ahead and stay ahead in the IC contracting space. Subscribe today for full access to 10,000+ articles, plus new articles each weekday.