NSA Report Focuses on How to Protect Against Evolving Phishing Attacks

The National Security Agency (NSA) and U.S. partners have released a new report describing the latest techniques in phishing attacks and the defenses organizations can deploy against them.

The Cybersecurity Information Sheet (CSI) “Phishing Guidance: Stopping the Attack Cycle at Phase One” outlines tailored cybersecurity controls for Information Technology (IT) departments to reduce phishing attacks, also known as electronically delivered social engineering. The Cybersecurity and Infrastructure Security Agency (CISA), NSA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) co-authored the CSI.

“Knowing how to navigate phishing danger is essential because anyone can fall victim to these attacks,” said Eric Chudow, NSA’s Cybersecurity System Threats & Vulnerability Analysis Subject Matter Expert. “Cyber threat actors are constantly evolving their techniques and harnessing new technologies to their advantage, including artificial intelligence. They are also finding it easier to deceive people who have transitioned to hybrid work environments and have fewer-face-to-face interactions.”

Cyber actors employ a wide range of technologies and platforms to conduct phishing attacks. Common vectors include short messaging system (SMS) text messages and chats in platforms such as Slack, Teams, Signal, WhatsApp, iMessage, and Facebook Messenger. Such attacks may lure users into divulging their login credentials or clicking a malicious hyperlink or attachment which then executes malware.

The CSI provides detailed mitigations to protect against login credential phishing and malware-based phishing, as well as steps for identifying and remediating successful phishing activity. It lists more than a dozen best practices for IT professionals to follow to avoid their organization being compromised, including phishing-resistant multi-factor authentication (MFA), phishing filters for links and attachments, protective DNS, application allow-lists, and remote browser isolation.

Additional guidance in the CSI focuses on software manufacturers implementing secure by design and default tactics and techniques. Software manufacturers should develop and supply software that is secure against the most prevalent phishing threats. The co-authoring agencies urge organizations to hold software manufacturers to a secure-by-design technology standard and build these and other mitigations directly into products to protect users and organizations from phishing’s malicious effects.

Read the full report here.

Featured

  • Unlocking the Possibilities

    Security needs continue to evolve and end users are under pressure to address emerging risks and safety concerns. For many, that focus starts with upgrading perimeter openings and layering technologies—beginning at the door. Read Now

  • Freedom of Choice

    In today's security landscape, we are witnessing a fundamental transformation in how organizations manage digital evidence. Law enforcement agencies, campus security teams, and large facility operators face increasingly complex challenges with expanding video data, tightening budget constraints and inflexible systems that limit innovation. Read Now

  • Accelerating a Pathway

    There is a new trend touting the transformational qualities of AI’s ability to deliver actionable data and predictive analysis that in many instances, seems to be a bit of an overpromise. The reality is that very few solutions in the cyber-physical security (CPS) space live up to this high expectation with the one exception being the new generation of Physical Identity and Access Management (PIAM) software – herein recategorized as PIAM+. Read Now

  • Protecting Your Zones

    It is game day. You can feel the crowd’s energy. In the parking lot. At the gate. In the stadium. On the concourse. Fans are eager to party. Food and merchandise vendors ready themselves for the rush. Read Now

  • Street Smarts

    The ongoing acceptance of AI and advanced data analytics has allowed surveillance camera technology to shift from being a tactical tool to a strategic business solution. Combining traditional surveillance technology with AI-based data-driven insights can streamline transportation systems, enhance traffic management, improve situational awareness, optimize resource allocation and streamline emergency response procedures. Read Now

New Products

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.