Foreign rogue nation-state threat actors are targeting critical infrastructure in the U.S., according to the White House report involving the National Security Agency (NSA) and the Department of Homeland Securitys Cybersecurity and Infrastructure Security Agency (CISA).
The threat actors are targeting internet-connected operational technology (OT) in the United States defense systems. Cyber threats originating from state-sponsored actors were also targeting critical infrastructures such as electricity, water, and gas. Consequently, the NSA and CISA directed the owners and operators to take immediate action to secure the systems.
The agencies warned that the increase in adversary capabilities and activity, the criticality to U.S. national security and the vulnerability of OT systems, civilian infrastructure makes attractive targets for foreign actors.
The NSA and CISA noted that OT assets are present in the Department of Defense systems and also in the defense industrial base sector. Their use is prominent in most critical areas including in the national security systems. The agencies say the use of such systems is necessary because of the increased demand for a decentralized workforce. However, their use opens an attack landscape while increasing monitoring complexities because of the pervasive nature of the systems.
The DHS indicated there was strong evidence of a cyber threat involving the use of email spear phishing tactics to infiltrate critical infrastructure networks through OT assets. Additionally, there are persistent efforts to conduct ransomware attacks on critical infrastructure. A ransomware cyber threat is particularly concerning because of its disruptive nature and ability to leak sensitive information.
In February, CISA released a report describing a ransomware attack on a natural gas compression facility, which led to the shutdown of operations on the facility.
A similar cyber threat was blocked in May targeting critical infrastructure on an Israeli water system, according to CyberScoop. Authorities said the attack was highly organized and synchronized.
Nilesh Dherange, CTO of Gurucul, reiterated that the cyber threat was real.
The most recent NSA and CISA alerts are directed at Government assets, but they are valid warnings for any organization that has internet-facing systems. They offer solid advice that applies to any size of the operation and reiterates recommendations the Information Security community has been giving for years.
The NSA and CISA advised organizations to create a resilience plan for the OT assets. The plan involves the creation of a manual process to restart industrial control systems after an attack takes place. They also recommended having a system monitoring process in place to monitor the cybersecurity state of the critical infrastructure concerning cyber threats. Because of the increased risks facing essential services, the agencies advised organizations to remain ahead of the cyber threat operators by being proactive.
Organizations should also create an incident response plan to anticipate new methods that hackers may deploy. This should include collaboration between organizations and CISA in the creation of organizational cybersecurity plans.
Operators should also harden their networks by restricting access to OT networks, and to carry regular tests to discover vulnerable OT devices within their networks.
Dherange summed up the list of measures that the operators of critical infrastructure should adopt.
In a nutshell: Have resiliency, business continuity, and response plans in place and exercise them. Understand and document your environment, your likely adversaries, and how they will probably attack so you can harden appropriately. Make sure personnel are trained and equipped to resist the expected attack vectors and mitigate them after a breach.
Evan Dornbush, CEO and Founder of Point3 Security, says the cyber threat was critical, and therefore, operators should heed the advice.
If the NSA is coming out of the shadows to speak up in a joint alert with CISA, you want to listen and take action. What is most helpful is that the advisory shares a list of tools attackers are using to identify targets. Seeing what the attacker sees allows your cybersecurity team to prioritize your defensive actions. The Advisory goes further still, offering a robust set of recommendations for executing a response strategy.
View original post here:
- NSA: We 'don't know when or even if' a quantum computer will ever be able to break today's public-key encryption - The Register - September 5th, 2021
- Opportune moment for indigenous development of 5G NSA & SA by C-DOT: Prakash - United News of India - September 5th, 2021
- A Softening Economy Will Be Buffeted By Stimulus Withdrawal And Delta-Variant Surge - Forbes - September 5th, 2021
- Actions of IT giants pave the way for states to monopolize data Snowden - TASS - September 5th, 2021
- Microsoft's Azure Government Top Secret Cloud: All you need to know - TechHQ - September 5th, 2021
- The Scandalous History of the Last Rotor Cipher Machine - IEEE Spectrum - September 5th, 2021
- The NSA Does Not Deny Reading Tucker Carlsons Emails - July 12th, 2021
- Home, but Not Free: NSA Whistleblower Reality Winner Adjusts to Her Release From Prison - The Intercept - July 12th, 2021
- Congress newest subcommittee is focusing on cyber troops and JEDI - Federal News Network - February 11th, 2021
- End the war on whistleblowers - The Week - February 11th, 2021
- NSA Warned Russia to Stay Out Of 2020 Election And Got SolarWinds Hack Instead - NPR - February 1st, 2021
- Biden administration will build on the Quad: NSA Jake Sullivan - The Hindu - February 1st, 2021
- William P. Crowell, Former Deputy Director of the National Security Agency, Joins LookingGlass Advisory Board - HSToday - February 1st, 2021
- SolarWinds Is Not the 'Hack of the Century.' Its Blowback for the NSA's Longtime Dominance of Cyberspace - Common Dreams - February 1st, 2021
- NSA fumes over the violation of coronavirus safety protocols - GhanaWeb - February 1st, 2021
- A Top Biden Cybersecurity Aide Donated Over $500000 to AIPAC as an NSA Official Mother Jones - Mother Jones - February 1st, 2021
- What to expect from NASS and NASED conferences - Politico - February 1st, 2021
- Companies Pay Criminal Penalties And Compensation For Undermining Competition - JD Supra - February 1st, 2021
- Split Up NSA and CYBERCOM - Defense One - December 28th, 2020
- Edward Snowden Pardon and the SolarWinds Hack | - City Journal - December 28th, 2020
- Edward Snowden and wife share photos of newborn son amid push for Trump to pardon NSA leaker - Washington Times - December 28th, 2020
- NSA Year in Review: Election Security, Cybersecurity, and More - HSToday - December 28th, 2020
- No, the United States Does Not Spend Too Much on Cyber Offense - Council on Foreign Relations - December 28th, 2020
- The US has suffered a massive cyberbreach. It's hard to overstate how bad it is - The Guardian - December 28th, 2020
- Satoshi Nakamoto from NSA, AntiChrist and Other Bitcoin Conspiracy Theories - Cryptonews - December 28th, 2020
- How A Cybersecurity Firm Uncovered The Massive Computer Hack - NPR - December 28th, 2020
- Snowden and Assange Deserve Pardons. So Do the Whistleblowers Trump Imprisoned. - The Intercept - December 28th, 2020
- National Security Agency - Wikipedia - October 10th, 2020
- Talks with China will not help says USA NSA on situation on Ladakh - Oneindia - October 10th, 2020
- How to choose the right multifactor authentication program - Federal News Network - October 10th, 2020
- UofL to launch health care cybersecurity curriculum with $6.3 million from National Security Agency, pilot focused on veterans and first responders -... - October 10th, 2020
- National Storage Affiliates Trust Announces Date of its Third Quarter 2020 Earnings Release and Conference Call - Business Wire - October 10th, 2020
- NSA announces new Autumn webinar series 'Feeding the flock and getting it right' - The Scottish Farmer - October 10th, 2020
- How the NSA is disrupting foreign hackers targeting COVID-19 vaccine research - TechCrunch - September 18th, 2020
- Crime Prevention and Community Outreach, Common Goals for NSA and NYPD Commissioner - Abasto, Food and Beverage Industry News - September 18th, 2020
- Deputy NSA gets one year extension - The Hindu - September 18th, 2020
- Exceeding All Expectations: A Journey of Adversity, Triumph and Eternal Optimism - Worth - September 18th, 2020
- Huge threat to national security as hackers attack NIC computers, steal sensitive information - DNA India - September 18th, 2020
- Police: 2 more held in Agra boys kidnap-murder, NSA to be invoked - The Indian Express - September 18th, 2020
- NSA to be invoked against miscreants involved in killing Malihabad farmer: Lucknow DM - Outlook India - September 18th, 2020
- Did the NSA spy on Congress? RT The World According to Jesse - RT - September 5th, 2020
- Nebraska native, 101, defied convention: She served in South Pacific, with MacArthur and at NSA - Omaha World-Herald - September 5th, 2020
- NSA Ajit Doval reviews situation at India-China border - The New Indian Express - September 5th, 2020
- NSA Webinar Part 3: Skills Development and the future of learning during and post the Covid-19 pandemic - Mail and Guardian - September 5th, 2020
- ICE Robotics Expands Offering With NSA Partnership - CleanLink - September 4th, 2020
- National Security Agency | History, Role, & Surveillance ... - August 16th, 2020
- The NSA and FBI Expose Fancy Bear's Sneaky Hacking Tool - WIRED - August 16th, 2020
- NSA and FBI Expose Russian Previously Undisclosed Malware Drovorub in Cybersecurity Advisory FBI - Federal Bureau of Investigation - August 16th, 2020
- Shah Faesal reached out to NSA before he quit party; open to IAS return - Hindustan Times - August 16th, 2020
- How has the pandemic impacted work at the NSA? - C4ISRNet - August 10th, 2020
- Election interference efforts have shifted, NSA and Cyber Command election threats leads say - CyberScoop - August 10th, 2020
- Did Hedge Funds Make The Right Call On National Storage Affiliates Trust (NSA)? - Yahoo Finance - August 10th, 2020
- National Speakers Association Inducts Mary Kelly, Ph. D. into the Speaker Hall of Fame - The Grand Junction Daily Sentinel - August 10th, 2020
- For 2020 Election, Threat is Bigger than Russia > US DEPARTMENT OF DEFENSE - Department of Defense - August 10th, 2020
- The White House reportedly quashed part of an intelligence report that showed Russia is helping the Trump campaign - MSN Money - August 10th, 2020
- GFA Express Appreciation To NSA | General Sports - Peace FM Online - August 10th, 2020
- NSA O'Brien Says US Has 'Sanctioned The Heck Out Of Russia' - Newsmax - August 10th, 2020
- Money Explodes; Gold Glitters; The Recovery Slows - Forbes - August 10th, 2020
- NSA Reports on New Cyber Vulnerability in Computers - ExecutiveGov - August 10th, 2020
- The Trump administration reportedly quashed an intelligence report that showed Russia is helping him win the 2020 election - MSN Money - August 10th, 2020
- There Will Be Blowback - Forbes - August 10th, 2020
- What and how are you thinking? Anything is possible - Martins Ferry Times Leader - August 10th, 2020
- TikTok and National Security: The Need for a Comprehensive U.S. Privacy Law - Security Boulevard - August 10th, 2020
- Buhari to overhaul the nation's security apparatus, says NSA - TheCable - August 10th, 2020
- Trump quashed report section showing Russia is helping him win 2020 - Business Insider - Business Insider - August 9th, 2020
- NSA Sheep 2020 to be a virtual sheep show - South West Farmer - August 8th, 2020
- All you need to hijack a Mac is an old Office document and a .zip file - TechRadar - August 8th, 2020
- Silicon Valley's Vast Data Collection Should Worry You More Than TikTok - Jacobin magazine - August 8th, 2020
- T-Mobile Is The First Carrier Globally To Launch Nationwide Standalone (SA) 5G - Forbes - August 7th, 2020
- The Room Where It Happened: Former US NSA exposes the frailties of the Trump administration - The Financial Express - August 4th, 2020
- NSA Sheep 2020 to go virtual over two days - FarmingUK - July 31st, 2020
- Protect Our Power Urges Vigilance in Response to NSA and CISA Warning on Critical Infrastructure - PRNewswire - July 31st, 2020
- A "Time of Heightened Tensions": Homeland Security and National Security Agency Issue Joint Cybersecurity Alert - JD Supra - July 31st, 2020
- Amid 'heightened tensions,' US government issues warning to critical infrastructure providers - Utility Dive - July 31st, 2020
- Garmin Hack, Glitch in Flight Navigation and an NSA Warning: The Massive Threat of WastedLocker - News18 - July 31st, 2020
- Netflix is looking to Splinter Cell for its next big video game adaptation - The Verge - July 31st, 2020
- US real GDP to expand by 15% in Q3 TDS - FXStreet - July 31st, 2020
- Two Rebels Against the Establishment: Oliver Stone and Edward Snowden - CounterPunch - July 31st, 2020
- Orange announces it will launch 5G later this year - Explica - July 31st, 2020
- Privacy Shield Struck Down: Schrems II Just When You Thought it Was Safe to Go Back in the Harbor - JD Supra - July 31st, 2020