Press Release
☷Combatting Cyber Threat Actors Perpetrating Living Off the Land Intrusions
National Security Agency ( By Press Release office)
Feb 09,2024
| 27| 2
Hey , check it out - the National Security Agency ( NSA ) is teaming up with the Cybersecurity and Infrastructure Security Agency ( CISA ) , the Federal Bureau of Investigation ( FBI ) , and the United Kingdom National Cyber Security Center ( NSC - UK ) on CISA ' s Cybersecurity Technical Report ( CTR ) called "Identifying and Mitigating Living Off the Land . " This report gives some tips on defending against those sneaky living off the land ( LOTL ) techniques . They released this report following a joint Cybersecurity Advisory in May 2023 about LOTL techniques . Basically , instead of using malware , LOTL threats use tools that are already on the system to get around security measures , which makes them harder to detect and stop . These techniques can happen in different types of IT environments , like on - site , in the cloud , or hybrid setups . Actors from China and Russia often use these techniques to avoid getting caught . Rob Joyce , NSA ' s Director of Cybersecurity and Deputy National Manager for National Security Systems ( NSS ) , said , "Living off the land attacks have gotten the cybersecurity community all riled up . " He also mentioned that a bunch of organizations signed on to their previous LOTL Cybersecurity Advisory , and industry folks let them use their contributions . Joyce said , "With our partners and allies , we ' re bringing attention to attacks that happen in the shadows and showing how China puts civilian critical infrastructure at risk . Reports like this help us all improve defense and come together as a group to do more than we could alone . " The report explains why LOTL attacks work and gives recommendations for best practices to defend against them . Some of these recommendations include setting up better logging to catch suspicious LOTL activities , using strong authentication controls , limiting user and admin privileges , keeping an eye on remote access software , establishing baseline behaviors , and improving monitoring tools and alerts . The advisory also has recommendations for software and technology companies , details about what threat actors are up to , and info about weak spots in network defense . You can read the full report here . And if you want more cybersecurity info and technical tips , check out our full library . If you need to get in touch with the NSA about this , hit up their Media Relations team at MediaRelations@nsa . gov or give them a call at 443 - 634 - 0721 .
PLAY the NEWS
* May be useful for visually impaired persons .
Press release information:
Direct link to press release:
Click here .