Connect with us

Hi, what are you looking for?


Incident Response

NSA Publishes Cybersecurity Year in Review Report

The United States National Security Agency (NSA) has released its 2020 Cybersecurity Year in Review report, which summarizes the NSA Cybersecurity Directorate’s first full year of operation.

The United States National Security Agency (NSA) has released its 2020 Cybersecurity Year in Review report, which summarizes the NSA Cybersecurity Directorate’s first full year of operation.

The Cybersecurity Directorate was formally announced in July 2019, with a focus on protecting national security networks and the defense industrial base. Led by Ms. Anne Neuberger, Director of Cybersecurity, the Directorate was also aiming to improve cybersecurity efforts through partnerships.

NSA Year in Review: 2020The Cybersecurity Directorate remained true to its goal throughout 2020, the report claims, working to prevent and eradicate cyber threats through combining threat intelligence and cryptography knowledge with vulnerability analysis and defense operations.

“Drawing on lessons learned from the 2016 presidential election and the 2018 mid-term elections, NSA was fully engaged in whole-of-government efforts to protect the 2020 election from foreign interference and influence. Cybersecurity was a foundational component of NSA’s overall election defense effort,” the report (PDF) reads.

Last year, the NSA helped the Department of Defense (DoD) eliminate weak cryptography and approved quantum-resistant cryptographic algorithms, to ensure that the Department’s cryptography is modern enough to resist quantum computing attacks.

In the context of the COVID-19 pandemic, the NSA helped the DoD’s transition to telework, providing solutions for approximately 100,000 users to work remotely securely. Furthermore, the Agency was involved in Operation Warp Speed (OWS), an effort aimed at accelerating the development of a COVID-19 vaccine.

Since the Directorate’s creation, the NSA has provided 30 unique, timely and actionable cybersecurity products to alert the National Security System (NSS), DoD, and Defense Industrial Base (DIB) network owners of cyber-threats.

Some of the intelligence shared by the Agency in 2020 includes details on Windows 10 flaws and on Drovorub malware, IOCs associated with the targeting of Exim mail servers by the Russia-linked Sandworm Team, details on bugs threat actors abuse to install web shell malware on web servers, and a list of 25 vulnerabilities commonly targeted by Chinese threat actors.

Advertisement. Scroll to continue reading.

Although the Cybersecurity Advisories (CSAs) were mainly destined for NSS, DoD, and DIB owners, the private sector in the United States and abroad could also leverage the intelligence to strengthen security posture, the NSA says.

Furthermore, the NSA released guidance on properly configuring IPsec VPNs (IP Security Virtual Private Networks), on how to customize the Unified Extensible Firmware Interface (UEFI) Secure Boot, and how to security networks and employees during telework.

Last year, NSA’s Cybersecurity Collaboration Center worked on advancing public-private collaboration and on refocusing Enduring Security Framework (ESF) efforts toward the security of 5G deployments. The Agency also launched the Center for Cybersecurity Standards (CCSS), meant to engage with standards bodies.

“NSA also continues to discover and release cybersecurity vulnerabilities to private industry through an approved, intra-government process. For the past three years, vulnerability disclosures by NSA have trended upward, as the Agency commits to enabling the security of commercial technologies that the U.S. Government, our military, our businesses, and our citizens rely upon,” the Agency notes.

Related: Pentagon Plan on Cyber Split Draws Strong Hill Criticism

Related: NSA and CISA Alert Highlights Urgency for OT Security

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.