Press Release | Dec. 3, 2024

Guidance Urges Visibility and Device Hardening against PRC-Affiliated Threat Actor

FORT MEADE, Md. – The National Security Agency (NSA) joins the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and others in releasing guidance for monitoring networks and hardening devices in response to exploitation of major global telecommunications providers by a People’s Republic of China (PRC)-affiliated threat actor.

The Cybersecurity Information Sheet (CSI), “Enhanced Visibility and Hardening Guidance for Communications Infrastructure,” provides defensive measures to strengthen visibility – detailed insight into network traffic, user activity, and data flow – for engineers and system administrators overseeing communications infrastructure. The guidance may also be applicable to organizations with on-premises enterprise equipment. The CSI also covers hardening of devices and network architecture to limit potential entry points for this type of cyber threat.

“Vigilance is key for defending against network compromise,” said Dave Luber, NSA Cybersecurity Director. “Always have eyes on your systems and patch and address known vulnerabilities before they become targets.”

The malicious cyber activity referenced in the CSI targeted exposed and vulnerable services, unpatched devices, and generally under-secured environments. The CSI recommends enhancing visibility for edge devices at network perimeters by logging all configuration changes and management connections and alerting on any unexpected ones. It also highlights numerous hardening best practices, including disabling all unused, unauthenticated, or unencrypted protocols; using and storing passwords securely; limiting management connections and privileged accounts; patching and upgrading devices in a timely manner; and allowing only strong cryptography.

The CSI also notes specific hardening best practices for Cisco operating systems, which were targeted by the PRC-affiliated threat actor.

Read the full report here.
 
Visit our full library for more cybersecurity information and technical guidance.
 


NSA Media Relations
MediaRelations@nsa.gov
443-634-0721