NSA News & Highlights

March 7, 2024

NSA Releases Top Ten Cloud Security Mitigation Strategies

The National Security Agency (NSA) is releasing “Top Ten Cloud Security Mitigation Strategies” to inform cloud customers about important security practices as they shift their data to cloud environments. The report is a compilation of ten Cybersecurity Information Sheets (CSIs), each on a different strategy. The Cybersecurity and Infrastructure Security Agency (CISA) joins NSA as a partner on six of the ten strategies.

March 5, 2024

NSA Releases Maturity Guidance for the Zero Trust Network and Environment Pillar

The National Security Agency (NSA) is releasing a Cybersecurity Information Sheet (CSI) today that details curtailing adversarial lateral movement within an organization’s network to access sensitive data and critical systems. The CSI, entitled “Advancing Zero Trust Maturity Throughout the Network and Environment Pillar,” provides guidance on how to strengthen internal network control and contain network intrusions to a segmented portion of the network using Zero Trust principles.

Feb. 27, 2024

Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations

FORT MEADE, Md. – The National Security Agency (NSA) has joined the Federal Bureau of Investigation (FBI) and other co-sealers to publish a Cybersecurity Advisory (CSA), “Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations,” outlining observed tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and mitigation recommendations for EdgeRouter users and other network defenders.

Feb. 26, 2024

Russian Cyber Actors Target Cloud-Hosted Infrastructure

FORT MEADE, MD. – The National Security Agency (NSA) joins the UK National Cyber Security Centre (NCSC-UK) and other partners in releasing the Cybersecurity Advisory (CSA), “SVR Cyber Actors Adapt Tactics for Initial Cloud Access.” The CSA outlines how Russia-based cyber actors are adapting their tactics, techniques, and procedures (TTPs) to infiltrate and access intelligence hosted in cloud environments as a growing number of targets store data in the cloud.

Feb. 20, 2024

National Security Agency Announces Retirement of Cybersecurity Director

FORT MEADE, Md. – The National Security Agency (NSA) announces the retirement of Rob Joyce, the Director of Cybersecurity and the Deputy National Manager, National Security Systems; effective March 31, 2024.

Feb. 14, 2024

NSA Awards Authors of Study of Automated Attacks on New Webservers

The National Security Agency (NSA) Research Directorate recently selected “Uninvited Guests: Analyzing the Identity and Behavior of Certificate Transparency Bots,” as the winner of its 11th Annual Best Scientific Cybersecurity Paper Competition.

Feb. 7, 2024

Combatting Cyber Threat Actors Perpetrating Living Off the Land Intrusions

The National Security Agency (NSA) is proud to partner with the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the United Kingdom National Cyber Security Center (NSC-UK) on CISA’s Cybersecurity Technical Report (CTR) “Identifying and Mitigating Living Off the Land,” which provides guidance on defending against common living off the land (LOTL) techniques. This release follows a May 2023 joint Cybersecurity Advisory on LOTL techniques.

Feb. 7, 2024

NSA and Partners Spotlight People’s Republic of China Targeting of U.S. Critical Infrastructure

The National Security Agency (NSA) has joined partners to issue a Cybersecurity Advisory (CSA) to address People’s Republic of China (PRC) targeting of U.S. critical infrastructure. The CSA, entitled “PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure,” is led by the Cybersecurity and Infrastructure Security Agency (CISA) in partnership with NSA, the Federal Bureau of Investigation (FBI), and additional government agencies.

Feb. 2, 2024

General Timothy D. Haugh takes lead of USCYBERCOM and NSA/CSS

FORT MEADE, Md. – General Timothy D. Haugh, U.S. Air Force, assumed command of U.S. Cyber Command (USCYBERCOM) and the National Security Agency (NSA)/Central Security Service (CSS) on February 2, 2024, during a change of command, directorship, and responsibility ceremony at USCYBERCOM/NSA/CSS Headquarters. The ceremony marked the transition of leadership from General Paul M. Nakasone, U.S. Army, to General Haugh.

Jan. 4, 2024

Five Cryptologic Giants to be Inducted into NSA's Cryptologic Hall of Honor

The National Security Agency's (NSA) Center for Cryptologic History is pleased to announce the 2023 induction of five major cryptologic figures into the Cryptologic Hall of Honor.