The NSA's infosec tips won't stop you from being hacked

Posted: January 27, 2015 at 10:52 am

Earlier this month, the NSAs cyber security wing released its best practice guide to defending against destructive malware - presumably with one eye on the beleaguered Sony bosses who continue to deal with the fallout from the companys high profile hack.

The report (PDF) focuses on cost-effective countermeasures that can be easily established in your organisation to make life more difficult for the average attacker.

Starting with controls such as segregation of networks, protection and restriction of the use of administrative privileges, and whitelisting authorised application execution on your systems, the tips aim to circumvent the damage cyber bad guys can do.

But is the NSA's new fact sheet just wishful thinking from the US spy agency? Would any of this information have stopped something like the Sony attack from happening?

I have scoured the content of the document in search of anything new. I didn't find it.

None of this is groundbreaking advice (and none of it should be new to the security team at Sony).

The NSA best practice controls will already be familiar to anyone following our own Australian Signals Directorate (ASD) guidelines on attack mitigation strategies, including its highly regarded Top 4 Strategies to Mitigate Targeted Cyber Intrusions-a mandatory requirement for government departments adhering to the Protective Security Policy Framework (PSPF).

Whitelisting, reduction of administrative privileges and a comprehensive approach to patching feature heavily in the ASDs top four. Its top 35 adds even more defensive measures that can be implemented to protect your organisation.

Nearly all of the mitigations listed in the NSA document - such as the use of Microsofts Enhanced Mitigation Experience Toolkit (EMET) and subscribing to cloud-based reputation services - are also covered in the ASD documentation.

As a result I was rather disappointed with this latest effort from the NSA. Realistically, the only valuable advice in this document is a warning for organisations to prepare for the worst.

Read more here:
The NSA's infosec tips won't stop you from being hacked

Related Posts