Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

NSA Shares Guidance for Government Employees on Securing Wireless Devices in Public

The National Security Agency (NSA) has published a new document to provide a series of recommendations on how governmental agencies in the United States can mitigate the cybersecurity risks associated with the use of wireless devices in public settings.

The National Security Agency (NSA) has published a new document to provide a series of recommendations on how governmental agencies in the United States can mitigate the cybersecurity risks associated with the use of wireless devices in public settings.

Given the wide adoption of telework due to the COVID-19 pandemic, both businesses and end users need to ensure increased protection of personal and corporate data, especially in public settings. The NSA points out that securing devices for the use of public Wi-Fi hotspots is not enough, as their Bluetooth and Near Field Communications (NFC) functions require similar attention as well.

“To ensure data, devices, and login credentials remain secure and uncompromised, cybersecurity is a crucial priority for users and businesses. This includes identifying higher-risk public networks and implementing security best practices while in public settings, whether connecting laptops, tablets, mobile phones, wearable accessories, or other devices with the ability to connect to the internet,” the NSA says.

The guidance is aimed at National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) users, but it can also be useful to the general public. The agency’s infosheet recommends a series of best practices for securing wireless devices when they are used in public places.

Connecting to public Wi-Fi networks is not recommended, as this may expose devices to various attacks. When such connections are necessary, however, the use of a virtual private network (VPN) to encrypt the traffic is recommended, along with secure browsing methods, to ensure data is protected from Wi-Fi snooping.

Bluetooth, the NSA notes, may be convenient for transmitting data between devices within short distances, but could pose a risk in public settings, where attackers may abuse the technology to access information about targeted devices or “send, collect, or manipulate data and services on the device” by leveraging various Bluetooth compromise techniques.

[Also read: One Year Later, Over 2 Billion Devices Still Exposed to BlueBorne Attacks]

NFC, which is used for various applications such as contactless payments and close device-to-device data transfers, could also be abused for malicious attacks, albeit the NFC range limitations minimize opportunities to exploit vulnerabilities in the protocol. Even so, the NSA recommends that users disable the function when it is not in use.

Advertisement. Scroll to continue reading.

The agency also recommends keeping device operating systems and other software updated at all times, using security applications, using multi-factor authentication whenever possible, rebooting mobile devices after using public Wi-Fi, enabling firewalls on laptops, configuring Web-Proxy Autodiscovery Protocol (WPAD) for corporate proxies, and disabling Link-Local Multicast Name Resolution (LLMNR) and Netbios Name Service (NBT-NS), where applicable.

Should connecting to a public Wi-Fi network be necessary, the NSA recommends connecting to secured Wi-Fi hotspots only, and only if the network uses WPA2-encryption at a minimum. Moreover, users are advised to delete the Wi-Fi network from the device after disconnecting from it, erase any other unused Wi-Fi networks from the device, and limit browsing to the necessary websites and accounts.

Furthermore, users are advised to periodically monitor Bluetooth connections, disable the function when it is not in use, disable discovery mode if not needed when Bluetooth is active, and be selective of the applications that are allowed to use Bluetooth.

“Users should consider additional security measures, including limiting/disabling device location features, using strong device passwords, and only using trusted device accessories, such as original charging cords,” the NSA also says.

Jake Williams, co-founder and CTO at incident response firm BreachQuest, commented, “While people should be generally cautious when connecting to public WiFi, advising them never to use public WiFi is not realistic for most. With the rise of ubiquitous encryption, particularly the use of HTTPS, the risks of using public WiFi today are a fraction of what they were even a few years ago.”

“Security practitioners should also be communicating the relative risks of using public WiFi with a laptop versus a cellphone or tablet. Laptops frequently use technologies, such as LLMNR, that make using public WiFi significantly more risky. Cell phones and tablets on the other hand typically do not use such technologies,” Williams added.

Related: NSA Issues Guidance on Securing IT-OT Connectivity

Related: NSA Publishes Guidance on Adoption of Zero Trust Security

Related: NSA, DHS Issue Guidance on Protective DNS

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.

Fraud & Identity Theft

A team of researchers has demonstrated a new attack method that affects iPhone owners who use Apple Pay and Visa payment cards. The vulnerabilities...

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

Asus patched nine WiFi router security defects, including a highly critical 2018 vulnerability that exposes users to code execution attacks.