National Security Agency

Happy Thanksgiving from all of us at the National Security Agency. This year, and every year, we're thankful for the men and women of our workforce, whose expertise drives our mission forward 24/7.

Microsoft Exchange servers are increasingly targeted by malicious cyber actors attempting to gain access to sensitive information. NSA was joined by the Cybersecurity and Infrastructure Security Agency and others in releasing the Cybersecurity Information Sheet (CSI), "Microsoft Exchange Server Security Best Practices," which outlines guidance for updating, hardening, baselining, and protecting these systems and their environments. Cybersecurity analysts and system administrators are encouraged to review the CSI to reduce their organizations' risk of exploitation and maintain the integrity of email. https://lnkd.in/eYpTea7m

We’re joining CISA and others to release the Cybersecurity Information Sheet (CSI), “Bulletproof Defense: Mitigating Risks from Bulletproof Hosting Providers,” to provide information on mitigating cybercriminal activity enabled by BPH providers through a nuanced approach. Internet service providers (ISPs) and network defenders are encouraged to implement the outlined mitigation strategies to block malicious traffic, decrease the utility of BPH infrastructure, and force cybercriminals onto legitimate infrastructure. https://bit.ly/49tET3w

NSA's 12th annual Codebreaker Challenge is open for registration! Students will complete seven tasks that showcase the technical problems and analysis performed daily NSA. If you're ready to put your skills to the test, learn more and register for the challenge: nsa-codebreaker.org

As concerns about the security and provenance of software grow, it’s crucial to understand the risks in software components and the software’s supply chain. The first step to addressing these risks and securing the software ecosystem is to increase software component and supply chain transparency. Software Bill of Materials (SBOM) is a key tool for increasing visibility across an organization’s software supply chain and enterprise system by documenting information about software dependencies. Learn more about the advantages of integrating SBOM into security processes and practices by reviewing our recently released joint guidance, “A Shared Vision of Software Bill of Materials (SBOM) for Cybersecurity.” https://lnkd.in/e6VDWhrt

We recently published a Cybersecurity Advisory (CSA) with Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation (FBI), and others worldwide to call out Chinese state-sponsored advanced persistent threat (APT) actors targeting major global telecommunications providers and other critical infrastructure, and provide appropriate mitigation guidance. Network defenders should continue to hunt for malicious activity and apply the mitigations outlined in the advisory to reduce the threat of Chinese-state sponsored APT actors. https://lnkd.in/dmwF8Ncx

Today, we #AimHigh by celebrating the United States Air Force 78th birthday! Established in 1947, the Air Force has been our guardian of air, space and cyberspace. Salute to all Airmen for their service!

Today, we pause to remember and honor the lives lost on September 11, 2001. At NSA, we remain steadfast in our mission to protect our nation and prevent such tragedies. We stand united with all Americans, and we will never forget.

NSA is joining Cybersecurity and Infrastructure Security Agency and others to release the Cybersecurity Information Sheet (CSI), “A Shared Vision of Software Bill of Materials (SBOM) for Cybersecurity,” to inform producers, choosers, and operators of software of the advantages of integrating SBOM generation, analysis, and sharing into security processes and practices. Software developers and procurement organizations, especially those within and for National Security Systems, the Department of Defense, and the Defense Industrial Base, should review our guidance to better understand the advantages of integrating SBOM generation, analysis, and sharing into existing security processes and practices. https://lnkd.in/e6VDWhrt

While workers across the U.S. enjoy their #LaborDay off, the American people can rest knowing NSA’s mission never sleeps. Thank you to the hardworking members of the NSA/CSS workforce for their incredible work and dedication to support our military and safeguard our Nation – 24/7.