Archive for the ‘NSA’ Category

CISA and NSA: The Times, They Are A-Changin. Identity is Everything Now – Security Boulevard

The recent SolarWinds Senate hearing and a flurry of subsequent briefings have unearthed new questions around the attack, which acting director of the U.S. Cybersecurity and Infrastructure Agency (CISA) Brandon Wales called the most complex and challenging hacking incident the agency has come up against. As impacted agencies and private enterprises work to pick up the pieces, there's debate over the best ways to tackle systemic weaknesses and improve cyber intelligence sharing across the board. But one thing everyone can agree on is that traditional security approaches which have failed to change with the digital times are in dire need of an overhaul.

The SolarWinds breach, along with nearly every major cyber attack today, involved the compromise of identity and subsequent manipulation of privileged access. While presenting forensic analysis of the attack at NIST's most recent Information Security and Privacy Advisory Board meeting, CISA technical strategist Jay Gazlay put it bluntly: "Identity is everything now."

While Gazlay acknowledged that very few could pull off such a highly sophisticated digital supply chain attack without being detected, his message was clear: traditional, perimeter-centric security won't cut it. "We can talk about our network defenses. We can talk about the importance of firewalls and network segmentation. But really, identity has become the boundary, and we need to start readdressing our infrastructures in that matter," he said, according to Federal News Network's report on the briefing.

Of course, SolarWinds is far from the first major attack to prompt action. But Gazlay warned that attackers are constantly innovating, and that protections many agencies put in place after the 2015 Office of Personnel Management breach are likely inadequate today since so many resources have shifted to the cloud.

"They're going after the identities that give them access to all the data holdings, much broader campaigns," he said, according to Federal News Network. "That makes trust store and identity management compromises much more impactful, and frankly, a much higher target. As we move into a cloud infrastructure where all that matters is the expectation that you are who you say you are, to get access to cloud infrastructures, this becomes even more pernicious."

This focus on identity is accelerating the shift toward Zero Trust, a "never trust, always verify" approach that includes authenticating and authorizing every identity, human or non-human, before granting access. While the concept isn't new, it's safe to say Zero Trust is going mainstream as hybrid and multi-cloud environments become the norm.

The U.S. National Security Agency (NSA) recently released guidance for embracing a Zero Trust approach, noting these principles can "better position [cybersecurity professionals] to secure sensitive data, systems, and services."

As we focus on helping agencies and enterprises secure identities throughout the cycle of accessing critical assets, these recommendations resonated strongly with our CyberArk team. Here's a look at our top takeaways from the NSA's Zero Trust directive:

Outsider, Insider: It Doesn't Matter. Always Assume Breach

NSA authors write, "Contemporary threat actors, from cyber criminals to nation-state actors, have become more persistent, more stealthy, and more subtle; thus, they demonstrate an ability to penetrate network perimeter defenses with regularity." They urge agencies and organizations to consciously operate and defend resources with the assumption that an adversary already has presence within the environment.

In the public sector, we've seen the great lengths to which legitimate, authorized users will go to exfiltrate information and accomplish ill-intentioned objectives. An assume breach mindset does not discriminate between outsiders or insiders; instead, every identity and access request is presumed malicious until proven otherwise. And the question shifts from "Have I been breached?" to "Do I have the right alarm systems and motion-sensing lights in place to detect and respond before it's too late?"

Least Privilege Is Foundational to Zero Trust

Motives vary. Adversaries might try to establish persistence in the environment and hide their activity; the SolarWinds attacker used the sophisticated Golden SAML technique to do this successfully. Or, attackers might aim straight for the domain controller or cloud console in search of sensitive data to steal or hold for ransom, or to cause disruption by shutting down critical systems or deleting files. No matter what they're after, attackers usually follow the same steps: acquire credentials for an identity, move laterally and vertically to escalate privileges, then use this privileged access to compromise sensitive data and assets.

The most effective way to break this chain and shrink the overall attack surface is to enforce least privilege security controls across all identities, devices and apps from the endpoint to the cloud. NSA authors write that data-centric Zero Trust models allow the concept of least privileged access to be applied for every access decision, where the answers to the questions of who, what, when, where, and how are critical for appropriately allowing or denying access to resources.

When It Comes to Zero Trust, 1+1=3

There's no cybersecurity silver bullet, and likewise, Zero Trust cannot be achieved with one vendor or solution; it's not about a specific technology, it's an approach, and a mindset. Instead, it requires a holistic, layered approach that integrates disparate but related cybersecurity capabilities into a cohesive engine for cybersecurity decision-making, write NSA authors.

By placing Privileged Access Management at the core of this defense-in-depth strategy, not only can defenders protect against the leading cause of breaches, they can also minimize the attack's impact. Consider this scenario: an attacker successfully compromises an agency's vulnerability management platform, runs an authentication scan and pinpoints every vulnerable and misconfigured identity within the hybrid cloud environment, essentially scoring a step-by-step playbook for the attack. By protecting these powerful tools with Privileged Access Management controls, such as vaulting and rotating privileged credentials and monitoring sessions to detect risky activity, agencies can dramatically limit exposure and keep that playbook out of reach.

It's Okay to Start Small. But the Time to Start Is Now.

Conceptually, Zero Trust makes perfect sense. But NSA authors warn that putting it into practice will take time. Instead, they encourage a phased, risk-based approach. "Incorporating Zero Trust functionality incrementally as part of a strategic plan can reduce risk accordingly at each step," they write. Among the NSA's key Zero Trust design recommendations is to architect from the inside out, first protecting critical data and assets, such as Tier 0 systems, then securing all paths to access them.

The Identity Defined Security Alliance framework can help with scoping and tiering the various technology components that will require protection at the identity level.

In SolarWinds' shadow, many agencies are feeling pressure to address their greatest identity-related vulnerabilities quickly. This NSA directive offers valuable prioritization guidance for achieving quick wins to drive down risk, while laying the groundwork for a phased Zero Trust implementation strategy.

In the famous words of Bob Dylan, "The times, they are a-changin'." Drive resilience in this new threat landscape by embracing a Zero Trust model. And trust CyberArk to help along the way. As the recognized leader in protecting privileged access with multiple Department of Defense customers and 130+ installations across the U.S. federal government, we're uniquely positioned to help agencies meet today's modern security and compliance requirements.

*** This is a Security Bloggers Network syndicated blog from CyberArk authored by Kevin Corbett. Read the original post at: https://www.cyberark.com/blog/cisa-and-nsa-the-times-they-are-a-changin-identity-is-everything-now/


US to hold trilateral NSA-level talks with Japan, South Korea on North Korea next week – The Tribune India

Washington, March 24

The US plans to hold the NSA-level trilateral talks with Japan and South Korea next week on issues related to North Korea, making them among the most senior foreign officials to visit Washington since the start of the Biden presidency, officials here have said.

"We're in the final stages of that (North Korea policy) review, and next week plan to host the national security advisors of Japan and the Republic of Korea to discuss the outcomes and other issues. This is the first time that we will have convened the trilateral at this level," a senior administration official told reporters during a conference call.

"And these will be among the most senior foreign officials to visit Washington since the start of the Biden administration. We look forward to a robust discussion on a wide range of issues on how the US, Japan, and South Korea can deepen our trilateral cooperation," said the official who spoke with reporters on condition of anonymity.

The United States, the official said, is aware of military activity last weekend by North Korea that is not sanctioned under UN Security Council resolutions restricting the ballistic missile programme.

North Korea fired short-range missiles this past weekend, just days after the sister of Kim Jong-un threatened the United States and South Korea for holding joint military exercises.

The tests were confirmed by two senior Biden administration officials who told reporters on condition of anonymity.

"While we take all of its military activity seriously and will continue to consult closely on this with partners and allies, we see this action in the category of most normal military activity by the North," said the official.

"North Korea has a familiar menu of provocations when it wants to send a message to the US administration: ballistic missiles of various range, mobile and submarine launch platforms, nuclear and thermonuclear tests. Experts rightly recognised what took place last weekend as falling on the low end of that spectrum," the official added.

Ahead of the trilateral talks and as the policy review continues, a second administration official said that the Biden administration has also had a series of conversations with Trump administration officials to get their sense of how their diplomacy with North Korea worked out over the last four years.

"We have been in touch with virtually every individual who's been involved in diplomacy with North Korea since the mid-1990s. So this has been an extraordinarily thorough process, and we're nearing the conclusion of putting together our approach for North Korea," the official said.

The next step will be the NSA-level trilateral.

"I think we recognise that, you know, we are stronger if we approach these challenging issues in North Korea in partnership with Japan and South Korea," the second official said.

The official, however, noted that the administration is under no illusions about the difficulty this task presents to them.

"We have a long history of disappointment in diplomacy with North Korea. It defied expectations of Republican and Democratic administrations alike. We've had working groups. We've tried it at the highest levels, at the head of state. And all the while, we've seen North Korea proceed ahead accordingly," the official said.

The trilateral talks will take place just days after US Secretary of State Antony Blinken and Defence Secretary Lloyd Austin visited Japan and South Korea to discuss various issues, including strengthening alliances and the push to denuclearise North Korea. PTI


NSA Sullivan on talks with China: ‘We knew it was going to be tough’ – Yahoo News

The Week

"Well, guys, after 64 days in office, today President Biden held his very first press conference," Jimmy Fallon said on Thursday's Tonight Show. "Normally when a 78-year-old answers an hour of questions, they're getting a physical. It was quite the event. If you did a shot every time Biden said 'Look, folks,' you got drunker than a ship captain in the Suez Canal." Fallon obviously taped his show before Biden's press conference (he suggested any of the reporters asked about the COVID-19 pandemic, for example), but Late Night's Seth Meyers watched the event. Biden's presidency has been boring and popular, "and because Fox couldn't find anything else to jump on, they decided to spend weeks obsessing over the whole press conference thing," he said. "Fox has also been full of absurd and baseless speculation about what would happen at this press conference," Meyers demonstrated. "Maybe Fox News just can't believe that a president would be able to give a coherent answer to a question without a teleprompter: 'He must have had a script, he didn't suggest chugging bleach once!'" They didn't get the gaffes or blunders that they wanted. The president's opening announcement that 200 million people will get vaccinated in his first 100 days, not 100 million, "is Biden at his best, when he's got the vibe of an old-timer football coach giving his young squad an inspiration halftime speech," Meyers said. "On the other hand, he gets a little off-track when he trails off, like he did at the end of an answer on immigration." "And there were some other weird moments, too, like when Biden was asked about the tidal wave of GOP voter-suppression laws Republicans have unleashed," and he followed a perfectly good answer by saying it "makes Jim Crow look like Jim Eagle," Meyers said. "Jim Eagle? Are you talking about the Muppet? Jim Eagle sounds like a desperate guess on Jeopardy! for the question 'He was the lead singer of the Eagles.'" "Whatever you thought of Biden's press conference," Meyers said, "it was certainly refreshing to see a president directly answer reporters' questions without attacking anyone or melting down." There are also lots of borderline NSFW Ted Cruz jokes.


NSA warns of problems over unlevel playing field of UK breeding animal trade – Agriland.co.uk

The National Sheep Association (NSA) has warned that the current inability to move breeding sheep to the EU will cause problems as the breeding season progresses.

NSA chief executive Phil Stocker commented: With the UK government easing controls on imports from the EU until the end of the year and into 2022, we are seeing no reciprocal decisions from the EU and it feels as though our negotiating hand is being given away.

We are in the ridiculous position of being able to import live breeding animals into the UK now, but not able to export anything due to an absence of facilities to take breeding animals on the other side of the channel.

While most of the trade in breeding cattle results in animals being brought into the UK, for sheep, virtually all trade is based on farmers in the EU wanting to buy British-bred sheep, something they are deprived of at the moment and a situation that is causing growing concern among a number of sheep breeders for whom this is an important trade.

Stocker continued: Britain has a reputation for being the stockyard of the world with our genetics and high-quality animals being in strong demand.

If we lose our ability to move breeding animals across borders then others will soon step in.

I am concerned that the potential severity of the impact this could have on UK breeders is not being sufficiently recognised by Defra and ministers because of the link with the government's recent consultation on journey times and welfare in transport; that in itself is resulting in a loss of confidence amongst breeders.

Even within the UK, the situation is dire with all promises made, broken, over free and frictionless trade between Great Britain [GB] and Northern Ireland [NI].

No one knew or expected what was coming, and it is going to be difficult for GB breeders to satisfy the Scrapie requirements for exporting the majority of breeding sheep to NI, with it needing three years to be part of the scheme that would allow trade to continue.

Equally as bad are the requirements for any animals coming from NI to GB for shows or sales to then not have the ability to return home without staying here for six months.

The NI protocols have silently killed off the majority of the trade for GB farmers selling commercial maternal sheep to NI, as well as a crucial part of the NI farming sector that is based on breeding high-value pedigree animals as part of the UK industry.

Stocker concluded: It feels like we are being told Britain is to become a bigger player on the global stage whereas the reality is that we cannot even trade with our closest neighbours.


2021 Analysis of How DSS and DSS+ Technologies will Help Operators as They Roll Out 5G NSA networks and Plan for SA Networks: Dynamic Spectrum Sharing…

DUBLIN--(BUSINESS WIRE)--The "Dynamic Spectrum Sharing Will Boost Operators' 5G Network Deployments" report has been added to ResearchAndMarkets.com's offering.

Access to the 3.5GHz band is considered to be necessary for mobile network operators (MNOs) to roll out 5G services, but national regulatory authorities (NRAs) in some countries have not planned or released spectrum in this band.

MNOs in this situation should use dynamic spectrum sharing (DSS) technology to deploy 5G non-standalone (NSA) and standalone (SA) networks using the spectrum they already have.

MNOs will further benefit from what the analyst calls DSS+ solutions - those that can mix legacy 2G and 3G technologies with 4G and 5G on the same band and increase spectrum usage efficiency.

This report provides:

For more information about this report visit https://www.researchandmarkets.com/r/hp0m1h
