Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

1/9/2019
02:55 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

NCSC Launches Nation-State Cyber Threat Protection Program for Businesses

National Counterintelligence and Security Center (NCSC) released free online security awareness materials for businesses to defend against nation-state hackers.

The US Office of the Director of National Intelligence (ODNI) National Counterintelligence and Security Center (NCSC) has launched a new free program to help private sector companies understand and defend against attacks by nation-state cyberattackers.

NCSC now offers a series of videos, brochures, and posters to raise awareness of the threat of foreign-sponsored cyberattack campaigns, and how to best protect against them.

"We made a determination to launch this campaign after a series of interactions with private sector representatives around the country," says Dean Boyd, the NCSC's chief communications executive. "While many corporate officials were well-aware of the threats to their businesses from foreign intelligence entities, many others were not and requested information and assistance. A key part of our mission at NCSC is to provide counterintelligence outreach to US private sector entities at risk of foreign intelligence penetration."

Security expert say it's not typical of the normally secretive NCSC - which reports to the Office of the Director of National Intelligence - to make such a public splash. 

"In many ways it's long overdue to a degree," says Drew Lydecker, president and co-founder of Avant Communications. "It's a reiteration of how huge a deal this is and how large an issue security has become. It's good they are talking about foreign travel and Wi-Fi [in the materials], especially for small and midsized businesses: they don't always take the threat as seriously as they should."

Jessica Ortega, a website security research analyst for SiteLock, notes that it's important that a federal intelligence agency has taken the lead.

"Small businesses especially have to understand that they are a valuable target for hackers," Ortega says. "Keep in mind that the average website gets 50 attacks a day … so small business owners shouldn't think they are too small not to get attacked."

NCSC's Boyd underscored that while all businesses can benefit from these new materials, SMBs are an important focus of the NCSC's effort. Many of these firms don't always have adequate resources for cybersecurity or even knowledge of the threats to their businesses posed by foreign intelligence organizations, he notes.

Some of these materials previously had been disseminated to the federal workforce to heighten awareness, he says, but after recent interactions with the private sector and the many recent cases involving nation-states targeting US  businesses, the agency believed it was important to get these materials to the private sector as well.

The goal with this program up front is to provide companies both with basic information on the threats and simple steps they can take to mitigate risks.

Here are four areas the NCSC identified in its new program materials

Corporate supply chains. Third parties have been an area of risk focus since the Target hack several years ago. NCSC says companies should know their suppliers, the equipment and services they provide, and their service providers. Start by asking the right questions before procuring their products or services. Get acquisition and procurement people involved with the company's risk management and security program.

Spearphishing emails. In October 2018, two Chinese intelligence officers and eight others were indicted for hacking US and European aerospace companies over five years to steal trade secrets on commercial aircraft engines. They allegedly used spearphishing to penetrate these corporate networks. Small manufacturers or banks in the Midwest or South think they are not at risk, but they are prime targets. Start by never clicking on suspicious links or attachments, particularly from unverified or unknown sources, the NCSC says.

Social media deception. China's intelligence services regularly use social media platforms to spot, assess, and target Americans with access to business or government secrets. Be sure to maximize your social media privacy settings and double-check the source before friending strangers, the agency recommends.

Foreign travel. NCSC says when traveling abroad, businesspeople should not expect electronic privacy. Wi-Fi networks overseas are regularly monitored by security services and others who can insert malicious software into your device through any connection they control. NCSC says it's best to leave electronic devices at home, but if you have to bring them, have them with you at all times.

 

Related Content:

Steve Zurier has more than 30 years of journalism and publishing experience, most of the last 24 of which were spent covering networking and security technology. Steve is based in Columbia, Md. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
markgrogan
50%
50%
markgrogan,
User Rank: Apprentice
1/30/2019 | 8:48:06 PM
Keep your eyes peeled.
It's interesting to try and categorise the different types of cyber attacks though. Not every company is out to steal information that you've locked away in data storage. It will be just as hard to try and implement more security features to address each and every different type of attack moving forward too..
DavidHamilton
50%
50%
DavidHamilton,
User Rank: Apprentice
1/26/2019 | 12:31:57 AM
Prevention is better
Every business needs to know what they are getting into before commencing their operations. Any security threats that may or may not arise in the future will also affect their customers and not just themselves alone. Hence, they need to act now before any issues even get to crop up in due time.
97% of Americans Can't Ace a Basic Security Test
Steve Zurier, Contributing Writer,  5/20/2019
TeamViewer Admits Breach from 2016
Dark Reading Staff 5/20/2019
How a Manufacturing Firm Recovered from a Devastating Ransomware Attack
Kelly Jackson Higgins, Executive Editor at Dark Reading,  5/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-7844
PUBLISHED: 2019-05-22
Adobe Media Encoder version 13.0.2 has an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2017-9809
PUBLISHED: 2019-05-22
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Information Exposure.
CVE-2018-12886
PUBLISHED: 2019-05-22
stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypas...
CVE-2019-7834
PUBLISHED: 2019-05-22
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execu...
CVE-2019-7835
PUBLISHED: 2019-05-22
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary co...