#RSAC: NSA Outlines Threats from Russia, China and Ransomware
NSA's director of cybersecurity describes recent threat activity during the RSA Conference 2022
The National Security Agency (NSA) is a U.S. intelligence authority whose guidance supports cybersecurity defense and cryptographic practice.
Search across headline titles and summaries.
Background for this topic.
NSA is the U.S. National Security Agency, responsible chiefly for signals intelligence (SIGINT)—collecting and analyzing foreign electronic communications and other signals—and for cybersecurity of U.S. national security systems. Its cybersecurity work includes cryptography, secure communications, technical standards and guidance, and coordinated advisories about threats and vulnerabilities. The tag may also cover the agency’s intelligence authorities and disclosures.
For practitioners, NSA advisories can provide threat indicators, exploit details, mitigations, and hardening advice, but their scope and authority matter: many recommendations target classified or other national-security systems rather than ordinary enterprise environments, and are not automatically legal or regulatory requirements. NSA activities can also raise privacy and governance questions around surveillance, vulnerability handling, and access to sensitive systems. Organizations should validate applicability, prioritize mitigations through vulnerability management, and protect NSA-derived threat intelligence and cryptographic guidance from unauthorized disclosure.
NSA's director of cybersecurity describes recent threat activity during the RSA Conference 2022
NSA, FBI and CISA issue joint advisory that suggests China hardly has to work for this – flaws revealed in 2017 are among their entry points State-sponsored Chinese attackers are actively exploiting old vulnerabilities to "establish a broad network of compromised infrastructure" then using it to attack telcos and network services providers.…