Posted December 3 by Pelican Press

US updates telco security guidance after mass Chinese hack

The United States’ Cybersecurity and Infrastructure Security Agency (CISA), alongside the National Security Agency (NSA), the FBI, and cyber agencies from Australia, Canada and New Zealand, have published a joint security guide for communications services providers (CSPs) in the wake of a series of China-backed incursions on major US telcos.

The incidents saw household names including AT&T and Verizon attacked by an advanced persistent threat (APT) group tracked as Salt Typhoon. The audacious campaign saw Salt Typhoon operatives break into their targets’ systems and then go on to steal customer call record data. The group was able to compromise the private communications of a number of unnamed individuals “primarily involved in government or political activity”, and also copied some data that was subject to US law enforcement requests pursuant to court orders.

According to the outlet which first broke the story, Salt Typhoon may have been actively harvesting data from its victims for a period of several months.

The new guide sets out a number of actions that defenders working in the communications sector should be taking to identify strange behaviour, root out vulnerabilities and threats, and respond to cyber incidents. It also provides guidance on how to reduce their exposure to vulnerabilities, improve secure configuration habits, and cut down the number of likely entry points.

“The PRC-affiliated cyber activity poses a serious threat to critical infrastructure, government agencies, and businesses. This guide will help telecommunications and other organizations detect and prevent compromises by the PRC and other cyber actors,” said CISA executive assistant director for cyber security, Jeff Greene.

“Along with our US and international partners, we urge software manufacturers to incorporate Secure-by-Design principles into their development lifecycle to strengthen the security posture of their customers. Software manufacturers should review our Secure by Design resources and put their principles into practice.”

Bryan Vorndran, assistant director at the FBI Cyber Division, added: “Threat actors affiliated with the People’s Republic of China (PRC) … have targeted commercial telecommunications providers to compromise sensitive data and engage in cyber espionage.

“We strongly encourage organisations to review and implement the recommended measures in this guide and to report suspicious activity to their local FBI field office.”

“These hacks are a reminder that … domestic communications infrastructure is critical to our national security,” said Tim Perry, head of strategy at a US-based supplier of assistive technology to emergency call handlers and first responders.

“State actors have the resources and the motivation to exploit our network vulnerabilities, quietly infiltrate our communications networks and collect our most sensitive data. That’s why local, state and federal law enforcement agencies – whether they are running wiretaps, supporting law enforcement sensitive operational communications or just administering their local 911 system – must remain up to date on the latest cyber threats.”

Advice for network engineers

The full guidance is also highly pertinent to any organisation running on-premise enterprise equipment, particularly operators of critical national infrastructure (CNI), which should be implementing it as a matter of course.

Besides those tasked with defending communications networks, it sets out steps that network engineers who may not necessarily be steeped in cyber security best practice could, and should, take.

These include scrutinising and investigating any strange configuration modifications or alterations to devices such as switches, routers or firewalls, inventorising these devices, implementing network flow monitoring, limiting exposure of management traffic to the public internet, monitoring user and service account logins for anomalies, and implementing secure, centralised logging.

Engineers may also wish to set up an out-of-band management network physically separated from the operational data flow network, implement access control lists (ACLs), deploy stronger network segmentation with router ACLs, stateful packet inspection and the like, harden and secure virtual private network (VPN) gateways, implement end-to-end encryption, and much more.

It also includes guidance specific to a number of Cisco features known to have been exploited by Salt Typhoon, including applying hardening best practice to all Cisco operating systems.