noodls browser compatibility check

The security settings of your browser are blocking the execution of scripts.

To use noodls, javascript support must be enabled. Please change your browser's security settings to enable javascript.

If you have changed your browser's security settings, you can click here.

related announcements

News

Technology

NSA/CSS - National Security Agency - Central Security Service

07/19/2021 | Press release | Distributed by Public on 07/19/2021 06:05

NSA, CISA, and FBI detail Chinese State-Sponsored Actions, Mitigations

FORT MEADE, Md. -

The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a Cybersecurity Advisory, Chinese State-Sponsored Cyber Operations: Observed TTPs. This advisory describes over 50 tactics, techniques, and procedures (TTPs) Chinese state-sponsored cyber actors used when targeting U.S. and allied networks, and details mitigations.

Chinese state-sponsored cyber activity poses a major threat to U.S. and allied systems. These actors aggressively target political, economic, military, educational, and critical infrastructure personnel and organizations to access valuable, sensitive data. These cyber operations support China's long-term economic and military objectives.

One significant tactic detailed in the advisory includes the exploitation of public vulnerabilities within days of their public disclosure, often in major applications, such as Pulse Secure, Apache, F5 Big-IP, and Microsoft products. This advisory provides specific mitigations for detailed tactics and techniques aligned to the recently released, NSA-funded MITRE D3FEND framework.

General mitigations outlined include: prompt patching; enhanced monitoring of network traffic, email, and endpoint systems; and the use of protection capabilities, such as an antivirus and strong authentication, to stop malicious activity.

The advisory is broken into three parts: an overview of this nation state threat for executive decision makers, a deep dive into the techniques used when targeting U.S. and allied networks, and a table providing a visualization of the malicious activity for net defenders, mapped to the MITRE ATT&CK framework.

The information in this advisory builds on NSA's previous release 'Chinese State-Sponsored Actors Exploit Publicly Known Vulnerabilities.' The NSA, CISA, and FBI recommended mitigations empower our customers to reduce the risk of Chinese malicious cyber activity, and increase the defensive posture of their critical networks.

Read the full advisory for details about this threat and how to take action against it.

For additional cybersecurity advisories, visit NSA.gov/Cybersecurity-guidance.

Sharing and Personal Tools

Please select the service you want to use: