The National Security Agency (NSA) of the United States has published its 2020 Cybersecurity Year in Review paper, which outlines the first full year of service of the NSA Cybersecurity Directorate.
In July 2019, the Cybersecurity Directorate was officially announced with an emphasis on securing national security networks and the manufacturing base for defence. The Directorate was also headed by Ms. Anne Neuberger, Director of Cybersecurity, with the goal of strengthening cybersecurity activities by collaborations.
NSA Year in Review: 2020 By integrating threat intelligence and cryptography expertise with risk detection and defence activities, the Cybersecurity Directorate held true to its mission during 2020, the study claims, seeking to escape and eliminate cyber attacks.
Based on lessons learnt from the 2016 presidential election and the mid-term elections in 2018, the NSA was fully active in government-wide attempts to secure the 2020 election from international intervention and influence. The study (PDF) reads that cybersecurity was a central component of the NSA’s overall election protection campaign.
The NSA helped the Department of Defense (DoD) eradicate poor cryptography and accepted quantum-resistant cryptographic algorithms last year, to ensure that the cryptography of the Department is modern enough to withstand attacks from quantum computing.
The NSA sponsored the DoD’s move to telecommuting in the aftermath of the COVID-19 pandemic, offering options for nearly 100,000 people to operate safely remotely. The Department was also interested in Operation Warp Speed (OWS), an initiative aimed at speeding the production of a vaccine for COVID-19.
After the establishment of the Directorate, the NSA has provided 30 special, timely and actionable cybersecurity items to warn the cyber threat owners of the National Security System (NSS), DoD, and Defense Industrial Base (DIB) networks.
Any of the knowledge shared by the Organization in 2020 contains information on Windows 10 flaws and Drovorub ransomware, IOCs aligned with the Russia-linked Sandworm Team’s targeting of Exim mail servers, specifics on the misuse of bugs threatening actors to mount web shell malware on web servers, and a list of 25 vulnerabilities widely targeted by Chinese actors.
Although the Cybersecurity Advisories (CSAs) is primarily meant for owners of NSS, DoD, and DIB, information could also be leveraged by the private sector in the United States and abroad to improve the security posture, the NSA says.
In addition, the NSA has provided guidelines on properly configuring IPsec VPNs (IP Protection Virtual Private Networks), how to configure the Stable Boot Unified Extensible Firmware Interface (UEFI), and how to telework security networks and workers.
The Cybersecurity Coordination Center of the NSA worked last year to advance public-private collaboration and to refocus efforts on the security of 5G implementations under the Enduring Security System (ESF). The Center for Cybersecurity Standards (CCSS), intended for engagement with standards bodies, was also initiated by the Department.
Via an authorised, intra-government mechanism, the NSA also continues to find and release cyber security vulnerabilities to private industry. NSA vulnerability leaks have trended upward for the last three years, as the Government commits to allowing the protection of commercial technology that the U.S. The Agency states that the economy, our military, our industries, and our people depend on them.