NSA Advice to Prevent Them from Hacking You
Last week Rob Joyce, the head of the NSA’s Tailored Access Operations (the NSA’s lead team for computer network exploitation, used to penetrate foreign targets), spoke to an audience at the USENIX Enigma Conference, giving tips on how to prevent the NSA from accessing your network. The NSA hasn’t enjoyed the best of reputations in the US and around the world since the revelations from Edward Snowden, and it is attempting to create more transparency through world stages such as the USENIX Enigma Conference to put more people at ease. This transparency may be seen as a ploy to rebuild its massively damaged reputation, but either way it’s a welcome sight from one of the most distrusted organizations in the world.
What are the NSA’s main targets?
The main targets for the NSA may be more surprising than we all thought. Per Wired, for “advanced persistent threat actors (APT) like the NSA, credentials are king for gaining access to systems. Not the login credentials of your organization’s VIPs, but the credentials of network administrators and others with high levels of network access and privileges that can open the kingdom to intruders. Per the words of a recently leaked NSA document, the NSA hunts sysadmins.” Per Joyce, sysadmins are again some of the most vulnerable targets, and one of the main reasons the NSA has such a grip on the methods and tools used to get into your network without your company knowing about it.
“Don’t assume a crack is too small to be noticed, or too small to be exploited,” he said. If you do a penetration test of your network and 97 things pass the test but three esoteric things fail, don’t think they don’t matter. Those are the ones the NSA and other nation-state attackers will seize on, he explained. “We need that first crack, that first seam. And we’re going to look and look and look for that esoteric kind of edge case to break open and crack in.”
One of the main points gathered from this exposition is that the NSA doesn’t necessarily rely on the zero-day exploits that most cybersecurity experts point to as one of the main problems with preventing hacks such as these. Joyce also noted, “We put the time in …to know [that network] better than the people who designed it and the people who are securing it,” he said. “You know the technologies you intended to use in that network. We know the technologies that are actually in use in that network. Subtle difference. You’d be surprised about the things that are running on a network vs. the things that you think are supposed to be there.”
Joyce said that the best way to keep them out comes down to best practices within the organization and having competent sysadmins. Joyce stated that “One of the NSA’s worst nightmares is a sysadmin who pays attention.” Keeping this in mind, Joyce also stated that the NSA’s #1 attack vector is packet injection, which according to Joyce is “vastly better than phishing.” Administrators and cybersecurity experts need to step up in light of this information and do a better job of maintaining the security posture of their networks in the future.