NSA News & Highlights

Nov. 18, 2021

2021 Cyber Management Review Hosted at Fort Meade

For the first time in two years, the United Kingdom and United States militaries conducted an in-person headquarters-level forum to discuss combined cyberspace campaigns and capabilities, called the Cyber Management Review, Nov. 9, 2021.

Nov. 15, 2021

Cracking Zendia’s Codes Safeguarded America

Over decades, cryptanalysts were trained by a world famous concert flautist who made it to Carnegie himself before entering the halls of the NSA to teach hundreds how to crack codes. Lambros Callimahos, born in Cairo to Greek parents, created musical history with an all-flute recital in New York’s most famous concert hall in 1938. After that he then pursued another of his passions, cryptology.  He entered the Army cryptologic service in 1941 and went on to teach cryptology at the Army Security Agency and later the NSA.

Nov. 5, 2021

NSA Announces New Partnership with National Cryptologic Foundation

In concert with remarks by General Paul M. Nakasone, Commander, U.S. Cyber Command, Director NSA/Chief, CSS, during the Aspen Security Forum, the National Security Agency (NSA) today announces a new partnership with the National Cryptologic Foundation.

Nov. 1, 2021

NSA Honored with Two DoD Disability Awards

NSA was recently recognized during the Department of Defense (DoD) 41st Annual Disability Awards Ceremony. The event, held virtually earlier this month, honored the NSA as Best Intelligence Component and an Agency affiliate as a DoD 2021 Annual Disability Awards Outstanding Employee.

Oct. 28, 2021

NSA and CISA provide cybersecurity guidance for 5G cloud infrastructures

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published cybersecurity guidance to securely build and configure cloud infrastructures in support of 5G. Security Guidance for 5G Cloud Infrastructures: Prevent and Detect Lateral Movement is the first of a four-part series created by the Enduring Security Framework (ESF), a cross-sector, public-private working group which provides cybersecurity guidance that addresses high priority cyber-based threats to the nation’s critical infrastructure.

Oct. 18, 2021

CISA, FBI, and NSA Release BlackMatter Ransomware Advisory to Help Organizations Reduce Risk of Attack

The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA) published a cybersecurity advisory today regarding BlackMatter ransomware cyber intrusions targeting multiple U.S. critical infrastructure entities, including two U.S. food and agriculture sector organizations. The advisory includes technical details, analysis, and assessment of this cyber threat, as well as several mitigation actions that can be taken to reduce the risk to this ransomware.

Oct. 14, 2021

Stop the Snowball: Protect Yourself from Phishing Scams

Technology is the commonality between everything in our daily lives. Whether you’re checking email at home or in the office, or scrolling through social media, you’re connected. That access and freedom is a staple in our country’s advancements and successes, but we can’t forget about those trying to take advantage of it.

Oct. 12, 2021

Long lost and rare Italian cipher machine found

At the outbreak of WWII in 1939, Nazi Germany’s Enigma encryption machine stood as the state-of-the art method for sending and receiving secret messages. It wasn’t until 1940 that English mathematician Alan Turing, and the team at Bletchley Park, cracked the daily changes Berlin made to its cipher system, and helped the Allied powers win the war. While the Enigma stands out as the most famous of encryption machines, Italy, set out to develop a high-end machine to rival its war partner, Germany. In 1939 Italy’s government secretly tasked a little-known photogrammetric equipment company, Ottico Meccanica Italiana (OMI), to build a device capable of rivaling its more famous cousin. Founded in 1926, OMI’s tools were used to create precision topographical maps and surveys using stereoscopic aerial photography. The technical expertise made OMI a natural fit for the job. The end result was OMI’s first cipher machine known as the Cryptograph Alpha.

Oct. 7, 2021

Avoid Dangers of Wildcard TLS Certificates, the ALPACA Technique

NSA released the Cybersecurity Information Sheet, “Avoid Dangers of Wildcard TLS Certificates and the ALPACA Technique” today, warning network administrators about the risks of using poorly scoped wildcard Transport Layer Security (TLS) certificates. NSA recommends several actions web administrators should take to keep their servers secure. This guidance also outlines the risks of falling victim to a web application exploitation method called Application Layer Protocols Allowing Cross-Protocol Attacks (ALPACA), which malicious cyber actors can use to access sensitive information.

Oct. 6, 2021

NSA Releases Cybersecurity Awareness Month Wallpapers for 2021

Each year, National Security Agency (NSA) partners with the National Cyber Security Alliance (NCSA) and the Department of Homeland Security (DHS) for Cybersecurity Awareness Month. In honor of this year’s celebration, NSA offers wallpaper backgrounds for electronic devices that provide a reminder to #BeCyberSmart.