Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

NSA Publishes Cybersecurity Year in Review Report

The United States National Security Agency (NSA) has released its 2020 Cybersecurity Year in Review report, which summarizes the NSA Cybersecurity Directorate’s first full year of operation.

The United States National Security Agency (NSA) has released its 2020 Cybersecurity Year in Review report, which summarizes the NSA Cybersecurity Directorate’s first full year of operation.

The Cybersecurity Directorate was formally announced in July 2019, with a focus on protecting national security networks and the defense industrial base. Led by Ms. Anne Neuberger, Director of Cybersecurity, the Directorate was also aiming to improve cybersecurity efforts through partnerships.

NSA Year in Review: 2020The Cybersecurity Directorate remained true to its goal throughout 2020, the report claims, working to prevent and eradicate cyber threats through combining threat intelligence and cryptography knowledge with vulnerability analysis and defense operations.

“Drawing on lessons learned from the 2016 presidential election and the 2018 mid-term elections, NSA was fully engaged in whole-of-government efforts to protect the 2020 election from foreign interference and influence. Cybersecurity was a foundational component of NSA’s overall election defense effort,” the report (PDF) reads.

Last year, the NSA helped the Department of Defense (DoD) eliminate weak cryptography and approved quantum-resistant cryptographic algorithms, to ensure that the Department’s cryptography is modern enough to resist quantum computing attacks.

In the context of the COVID-19 pandemic, the NSA helped the DoD’s transition to telework, providing solutions for approximately 100,000 users to work remotely securely. Furthermore, the Agency was involved in Operation Warp Speed (OWS), an effort aimed at accelerating the development of a COVID-19 vaccine.

Since the Directorate’s creation, the NSA has provided 30 unique, timely and actionable cybersecurity products to alert the National Security System (NSS), DoD, and Defense Industrial Base (DIB) network owners of cyber-threats.

Some of the intelligence shared by the Agency in 2020 includes details on Windows 10 flaws and on Drovorub malware, IOCs associated with the targeting of Exim mail servers by the Russia-linked Sandworm Team, details on bugs threat actors abuse to install web shell malware on web servers, and a list of 25 vulnerabilities commonly targeted by Chinese threat actors.

Although the Cybersecurity Advisories (CSAs) were mainly destined for NSS, DoD, and DIB owners, the private sector in the United States and abroad could also leverage the intelligence to strengthen security posture, the NSA says.

Furthermore, the NSA released guidance on properly configuring IPsec VPNs (IP Security Virtual Private Networks), on how to customize the Unified Extensible Firmware Interface (UEFI) Secure Boot, and how to security networks and employees during telework.

Last year, NSA’s Cybersecurity Collaboration Center worked on advancing public-private collaboration and on refocusing Enduring Security Framework (ESF) efforts toward the security of 5G deployments. The Agency also launched the Center for Cybersecurity Standards (CCSS), meant to engage with standards bodies.

“NSA also continues to discover and release cybersecurity vulnerabilities to private industry through an approved, intra-government process. For the past three years, vulnerability disclosures by NSA have trended upward, as the Agency commits to enabling the security of commercial technologies that the U.S. Government, our military, our businesses, and our citizens rely upon,” the Agency notes.

Related: Pentagon Plan on Cyber Split Draws Strong Hill Criticism

Related: NSA and CISA Alert Highlights Urgency for OT Security

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.

Risk Management

A threat-based approach to security often focuses on a checklist to meet industry requirements but overlooked the key component of security: reducing risk.

Risk Management

CISA has published a report detailing the cybersecurity risks to the K-12 education system and recommendations on how to secure it.