NSA News & Highlights

March 18, 2024

Georgia Tech Wins NSA's Codebreaker Challenge for Third Consecutive Year

FORT MEADE, Md. – For the third consecutive year, the Georgia Institute of Technology (Georgia Tech)

March 12, 2024

Scouts Honored at National Cryptologic Museum's Annual Scout Day

“Best day of my life!” One Scout exclaimed as he left the National Cryptologic Museum’s (NCM) annual event on Saturday March 2nd, 2024. Rain couldn’t damper things for the scouts and their families. The event drew a near record number of attendees with more than 650 people coming through the doors of the NCM in just six hours.

March 7, 2024

NSA Releases Top Ten Cloud Security Mitigation Strategies

The National Security Agency (NSA) is releasing “Top Ten Cloud Security Mitigation Strategies” to inform cloud customers about important security practices as they shift their data to cloud environments. The report is a compilation of ten Cybersecurity Information Sheets (CSIs), each on a different strategy. The Cybersecurity and Infrastructure Security Agency (CISA) joins NSA as a partner on six of the ten strategies.

March 5, 2024

NSA Releases Maturity Guidance for the Zero Trust Network and Environment Pillar

The National Security Agency (NSA) is releasing a Cybersecurity Information Sheet (CSI) today that details curtailing adversarial lateral movement within an organization’s network to access sensitive data and critical systems. The CSI, entitled “Advancing Zero Trust Maturity Throughout the Network and Environment Pillar,” provides guidance on how to strengthen internal network control and contain network intrusions to a segmented portion of the network using Zero Trust principles.

Feb. 27, 2024

Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations

FORT MEADE, Md. – The National Security Agency (NSA) has joined the Federal Bureau of Investigation (FBI) and other co-sealers to publish a Cybersecurity Advisory (CSA), “Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations,” outlining observed tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and mitigation recommendations for EdgeRouter users and other network defenders.

Feb. 26, 2024

Russian Cyber Actors Target Cloud-Hosted Infrastructure

FORT MEADE, MD. – The National Security Agency (NSA) joins the UK National Cyber Security Centre (NCSC-UK) and other partners in releasing the Cybersecurity Advisory (CSA), “SVR Cyber Actors Adapt Tactics for Initial Cloud Access.” The CSA outlines how Russia-based cyber actors are adapting their tactics, techniques, and procedures (TTPs) to infiltrate and access intelligence hosted in cloud environments as a growing number of targets store data in the cloud.

Feb. 20, 2024

National Security Agency Announces Retirement of Cybersecurity Director

FORT MEADE, Md. – The National Security Agency (NSA) announces the retirement of Rob Joyce, the Director of Cybersecurity and the Deputy National Manager, National Security Systems; effective March 31, 2024.

Feb. 14, 2024

NSA Awards Authors of Study of Automated Attacks on New Webservers

The National Security Agency (NSA) Research Directorate recently selected “Uninvited Guests: Analyzing the Identity and Behavior of Certificate Transparency Bots,” as the winner of its 11th Annual Best Scientific Cybersecurity Paper Competition.

Feb. 7, 2024

Combatting Cyber Threat Actors Perpetrating Living Off the Land Intrusions

The National Security Agency (NSA) is proud to partner with the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the United Kingdom National Cyber Security Center (NSC-UK) on CISA’s Cybersecurity Technical Report (CTR) “Identifying and Mitigating Living Off the Land,” which provides guidance on defending against common living off the land (LOTL) techniques. This release follows a May 2023 joint Cybersecurity Advisory on LOTL techniques.

Feb. 7, 2024

NSA and Partners Spotlight People’s Republic of China Targeting of U.S. Critical Infrastructure

The National Security Agency (NSA) has joined partners to issue a Cybersecurity Advisory (CSA) to address People’s Republic of China (PRC) targeting of U.S. critical infrastructure. The CSA, entitled “PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure,” is led by the Cybersecurity and Infrastructure Security Agency (CISA) in partnership with NSA, the Federal Bureau of Investigation (FBI), and additional government agencies.