The National Security Agency (NSA) has released two cybersecurity information sheets (CSIs) with guidance for National Security System (NSS) and Department of Defense (DoD) staff and system managers on maintaining networks and responding to incidents during the work-from-home era.
The first of the CSIs, entitled Vulnerable Personal Network Indicators and Mitigations, is intended to help teleworkers recognise and mitigate the compromise of their personal networks and, when working remotely, secure data and equipment supplied by the government.
In addition, the CSI lists a variety of indicators of compromise (IoCs), along with the mitigations that teleworkers can implement to deter potential compromises. The CSI is intended for government staff, but anybody can use the given information to detect and avoid network failures, the NSA points out.
“While there is no way to guarantee that personal networks can be fully protected against attacks — attackers are relentless and seek to find ways to bypass security controls — users should also take measures to help deter potential attacks,” the CSI reads.
Should the indicators of compromise outlined in the document be observed, users are advised to apply the given mitigations to any computer, mobile device, or IoT device linked to their personal network.
The NSA says that the suggested mitigations include restarting and resetting routers, disabling their remote administration and configuration capabilities, disconnecting compromised devices from the network, resetting passwords from another computer, running anti-malware software, removing ransomware infections, and maintaining a good backup state.
In addition to these compromise mitigations, the paper outlines a number of more direct steps, all designed to help users remove vulnerabilities from their personal computers or network.
Performing Out-of-Band Network Management, the NSA's second CSI, explains to system administrators how to separate management traffic from operational traffic and ensure that network activities or vulnerable network resources are not impacted by a compromised computer or malicious traffic.
“The management of OoB [Out-of-Band] provides a mechanism that helps managers to strengthen the security of their networks by segmenting traffic management from operational traffic and ensuring that traffic management only arrives from the contact route of OoB,” states the NSA.
The paper contains details on the configuration of the OoB management system and advises that a failure and risk evaluation should be carried out first to determine whether to incorporate an OoB network architecture that is virtually or physically segmented.
The NSA suggests using encryption protocols with strong encryption algorithms and key sizes, managing computers only over secure virtual private networks (VPNs), hardening network security systems, continuously monitoring the network and reviewing logs, and establishing a configuration review and check-in procedure, which makes malicious changes easy to detect.