NSA and partners release router hygiene guidance

On July 13, the National Security Agency (NSA), in collaboration with partners, is releasing a Cybersecurity Advisory (CSA), “Improve Router Hygiene to Protect Against Russian State-Sponsored Targeting,” warning device owners of threats posed to critical infrastructure sector networks by Russian cyber actors.

The joint CSA details how the Russian Federal Security Service (FSB) Center 16 continues to exploit vulnerable and poorly configured networks. This is an ongoing issue that has impacted various U.S. and foreign networks across multiple sectors, including the Defense Industrial Base, communications, energy, financial services, government facilities and healthcare sectors. NSA and co-sealing agencies emphasize the importance of basic router hygiene as a means for companies and organizations to deter state-level cyber actors.

To proactively defend against these threats, organizations are urged to adopt these top hardening measures:

  • Implement Simple Network Management Protocol v3 (SNMPv3)
  • Use strong, unique passwords
  • Disable Cisco Smart Install
  • Block the TFTP, SMI and SNMP protocols at the firewall
  • Upgrade software and firmware images to patch vulnerabilities

 

To provide a comprehensive understanding of the threat, the CSA outlines additional tactics, techniques and procedures that build on the Federal Bureau of Investigation’s (FBI) Public Service Announcement, “Russian Government Cyber Actors Targeting Networking Devices, Critical Infrastructure.” Device owners and network defenders are urged to review the CSA and implement mitigation and remediation actions to protect against Russian government-sponsored exploitation.

Co-sealing agencies include the Cybersecurity and Infrastructure Security Agency, FBI, Department of Defense Cyber Crime Center, Australian Signals Directorate’s Australian Cyber Security Centre, Communication Security Establishment Canada’s Canadian Centre for Cyber Security, New Zealand National Cyber Security Centre, United Kingdom National Cyber Security Centre, Czech Republic National Cyber and Information Security Agency, Danish Defence Intelligence Service, Estonian Foreign Intelligence Service, Estonian Information System Authority, Finnish Defence Intelligence, Finnish Security and Intelligence Service, French National Cybersecurity Agency, Italian External Intelligence and Security Agency, Italian Internal Intelligence and Security Agency, The Military Counterintelligence Service of Poland, and Sweden National Cyber Security Centre.

Read the full report.

Source: NSA

Your competitors read IC News each day. Shouldn’t you? Learn more about our subscription options, and keep up with every move in the IC contracting space.