The National Security Agency and several other government entities in the U.S. and Israel issued a cybersecurity information sheet to warn the public about the exploitation of remote access software by cyber actors.
NSA on Tuesday released the guidance, which lists best practices to prevent or mitigate the often-undetectable attacks.
The information sheet, entitled “Guide to Securing Remote Access Software,” was co-authored by the FBI, the Cybersecurity and Infrastructure Security Agency, the Multi-State Information Sharing and Analysis Center and the Israel National Cyber Directorate.
Cyber actors are using legitimate remote access systems as a threat vector to hack and even control organizations’ systems and resources, the agencies stated. After accessing victims’ systems, the actors manage to go undetected in regular network activities.
To prepare for such malicious schemes, the guide urges network administrators and defenders to set up a security baseline of their normal software and network activities. They should also consider the National Institute of Standards and Technology’s Cybersecurity Framework in establishing a risk management strategy.
The document makes other recommendations specific to managed service providers, software-as-a-service customers, IT administrators and developers of remote access technologies.