National Security Agency

This #IndependenceDay, we celebrate the freedoms and democratic values penned in the opening paragraphs of the Declaration of Independence 249 years ago. Here at NSA, we’re dedicated to affirming those values with unwavering integrity in defense of our great nation.

We published a joint fact sheet with FBI Cyber Division, DoD Cyber Crime Center (DC3), and National Security Agency urging organizations to monitor for potential targeted cyber threats against U.S. #CriticalInfrastructure. We urge critical infrastructure owners and operators to take steps to defend against potential threats and report unusual cyber activity. Find out more about this potential threat and how to bolster your defense: go.dhs.gov/wjJ

The National Security Agency and the Cybersecurity and Infrastructure Security Agency (CISA) have released the joint Cybersecurity Information Sheet (CSI), “Memory Safe Languages: Reducing Vulnerabilities in Modern Software Development,” to highlight the importance of adopting memory safe languages (MSLs) in improving software security and reducing the risk of security incidents. Memory safety effects all software development and is a critical aspect to a holistic approach to security. The importance of memory safety is critical, and the consequences of vulnerabilities can be severe, to include data breaches, system crashes, and operational disruptions. Adopting MSLs will directly improve software security for all. To strengthen national cybersecurity and reduce memory vulnerabilities, software producers, especially those for National Security Systems (NSS) and critical infrastructure, should utilize this guidance to plan for and begin using MSLs for their software systems. 🔗 Read the full report: https://lnkd.in/eeJ2SMm7

NSA is joining the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and others to release three publications to provide guidance for cybersecurity executives and network defenders to consider when implementing Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms. SIEM solutions collect, aggregate, and correlate log data, helping network defenders understand what is happening on their network and detect sophisticated malicious cyber actor activity. SOAR platforms integrate with SIEM platforms and leverage its collection, centralization, and analysis of log data to deliver timely responses to detected malicious activity, especially in Zero Trust architectures. Collectively, the publications define SIEM and SOAR platforms, outline potential challenges, provide recommendations for implementation, and highlight relevant benefits for executives and practitioners. They also outline specific logs to collect, best practices for analyzing log data, and guidance for appropriate responses based on detected activity. The publications are especially relevant for National Security Systems (NSS), the Department of Defense (DoD), and the Defense Industrial Base (DIB); the authoring agencies urge these cybersecurity executives, network owners, and practitioners to implement SIEM/SOAR platforms using the guidance provided to effectively detect and respond to possible intrusions. https://lnkd.in/gkXh3r8R

The growing convergence of IT and OT systems, along with the advanced cyber capabilities of our adversaries, have increased the risk of cyber incidents that could disrupt critical missions, endanger public safety, and cause financial harm. Our newly released report takes the first step in developing implementation policies and minimum security requirements for smart controllers embedded within National Security Systems. Improving these standards is critical in responding to the increased risk against National Security Systems and keeping our systems secure. https://lnkd.in/gpm8EEAs

Malicious cyber actors are using ‘fast flux’ to conceal their activities by rapidly changing the IP address associated with a domain name. This technique helps conceal attempts to conduct espionage and other malicious activities, presenting a persistent threat to national security. Cybersecurity providers, especially Protective DNS providers, should track, share information about, and block fast flux as part of their provided cybersecurity services. Read our latest Cybersecurity Advisory for recommendations for detection and mitigation. https://lnkd.in/eRJbQvxg

Join us for our first Convening to Act event on Artificial Intelligence and its potential to impact national security. In partnership with the National Cryptologic Foundation, we are cohosting two days of presentations, panels, and collaborative discussions with experts from government, industry, and academia, to explore AI’s transformative impact. Don’t miss the fireside chat with Gen Timothy Haugh, Commander, U.S. Cyber Command; Director, NSA/Chief, CSS, during dinner following day one’s sessions. Register now: https://lnkd.in/gHZuAvpA

Staying ahead of emerging threats is crucial to national security. Together with the National Cryptologic Foundation, we’re sponsoring a series of dialogues called Convening to Act, which identify emerging challenges in cybersecurity and cryptology. The first of these programs took place in December 2023 and explored the topic of Quantum Resistant Cryptography in Firmware. Next week’s topic is Accelerating Adoption of Quantum Resistant Cryptography. Register here: https://lnkd.in/dzjUKkQq.

In accordance with Department of Defense Instruction 5400.17 and recent executive orders issued by the President, NSA is reviewing and adjusting its social media content to ensure compliance with DoD policies and priorities.

Ghidra, NSA’s open-source reverse engineering software, has been updated to version 11.3. This release includes many new features, performance improvements, and bug fixes to supercharge work on your cybersecurity challenges! New features include: • Built-in support for Python3 based on the Department of Defense Cyber Crime Center’s Pyhidra Python library • New Just-In-Time accelerated p-code emulator • Original source code to binary linking • Integrated VSCode support and more! Check out the latest release: https://lnkd.in/gPq7W-cU