Cybersecurity Agencies blame China for telecom infrastructure espionage campaign

The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and international partners have published a joint guide aimed at enhancing the security of communications infrastructure.

The guide, titled Enhanced Visibility and Hardening Guidance for Communications Infrastructure, was released on December 3, 2024, in response to cyber threats linked to People’s Republic of China (PRC)-affiliated threat actors who have targeted global telecommunications networks.

“The U.S. government’s continued investigation into the People’s Republic of China (PRC) targeting of commercial telecommunications infrastructure has revealed a broad and significant cyber espionage campaign,” said a November 13, 2024, statement issued by the FBI and CISA. “Specifically, we have identified that PRC-affiliated actors have compromised networks at multiple telecommunications companies to enable the theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders. We expect our understanding of these compromises to grow as the investigation continues.”

The latest guidance is primarily directed at network engineers and defenders of communications infrastructure, offering a set of best practices to help organizations protect their networks from compromise.

The document focuses on improving visibility, identifying vulnerabilities, and reducing potential entry points for cyber actors.

The threat, which has been previously highlighted by CISA and the FBI, involves PRC-affiliated cyber actors compromising telecommunications providers globally.

The newly published guide aims to help organizations quickly identify signs of anomalous behavior, strengthen security configurations, and respond effectively to cyber incidents.

“This guide is an important tool for protecting our critical infrastructure from malicious cyber activity,” said Jeff Greene, executive assistant director for Cybersecurity at CISA. “By following these practices, organizations can improve their ability to detect and respond to compromises, particularly those linked to PRC-affiliated actors, and better secure their networks against future threats.”

The publication of this guide follows previous warnings from CISA and the FBI regarding the PRC-affiliated cyber campaign, which has compromised sensitive data from commercial telecommunications providers and engaged in cyber espionage.

Bryan Vorndran, assistant director of the FBI’s Cyber Division, emphasized the importance of the guidance for enhancing the visibility of network defenders and hardening devices to prevent exploitation.

“We encourage all organizations, especially those in the telecommunications sector, to review and implement the recommended measures,” said Vorndran. “Additionally, we urge organizations to report any suspicious activity to their local FBI field office.”

While the guide is tailored to the telecommunications sector, it also provides valuable recommendations that can be applied to organizations with on-premises enterprise equipment. CISA has encouraged all critical infrastructure sectors to adopt the security best practices outlined in the guide.

The threats are not new. In January, FBI Director Christopher Wray testified before Congress about the imminent threat that Chinese hackers pose to critical infrastructure and China’s capability to threaten US national and economic security.

The agencies also stressed the importance of software manufacturers incorporating Secure by Design principles into their development processes.

CISA’s Greene urged manufacturers to review resources available on the Secure by Design initiative and integrate these principles into their products to strengthen the overall security posture of their customers.

For more details and resources related to the PRC cyber threat, organizations are advised to visit CISA’s dedicated webpage on the issue.

CISA, NSA, and FBI are key U.S. agencies responsible for securing the nation’s critical infrastructure from cyber threats.

Together with their international partners, these government agencies work to prevent, detect, and mitigate cyber threats targeting public, business, and telecommunications networks worldwide.


Discover more from NJTODAY.NET
