{"id":140,"date":"2016-02-03T06:40:55","date_gmt":"2016-02-03T14:40:55","guid":{"rendered":"http:\/\/www.founditdata.com\/blog\/?p=140"},"modified":"2016-02-03T06:40:55","modified_gmt":"2016-02-03T14:40:55","slug":"nsa-chief-hacker-reveals-how-he-can-be-kept-away-part-2","status":"publish","type":"post","link":"https:\/\/www.fidcyber.com\/blog\/security\/nsa-chief-hacker-reveals-how-he-can-be-kept-away-part-2\/","title":{"rendered":"NSA Chief Hacker Reveals How He Can Be Kept Away \u2013 Part 2"},"content":{"rendered":"<p><a href=\"http:\/\/www.founditdata.com\/blog\/wp-content\/uploads\/2016\/02\/CIA-flag.png\" rel=\"attachment wp-att-141\"><img loading=\"lazy\" decoding=\"async\" class=\"size-medium wp-image-141 aligncenter\" src=\"http:\/\/www.founditdata.com\/blog\/wp-content\/uploads\/2016\/02\/CIA-flag-300x180.png\" alt=\"CIA-flag\" width=\"300\" height=\"180\" srcset=\"https:\/\/www.fidcyber.com\/blog\/wp-content\/uploads\/2016\/02\/CIA-flag-300x180.png 300w, https:\/\/www.fidcyber.com\/blog\/wp-content\/uploads\/2016\/02\/CIA-flag-768x461.png 768w, https:\/\/www.fidcyber.com\/blog\/wp-content\/uploads\/2016\/02\/CIA-flag.png 1024w, https:\/\/www.fidcyber.com\/blog\/wp-content\/uploads\/2016\/02\/CIA-flag-800x480.png 800w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p style=\"text-align: left;\"><strong><em>This is the second entry in a two-part series covering the NSA\u2019s chief hacker\u2019s recent talk at a security conference. Rob Joyce, the head of the Tailored Access Operations program put in place by the NSA to conduct cyberespionage operations on foes and allies alike, briefly revealed how state-sponsored hackers infiltrate their targets\u2019 networks, often successfully. <\/em><\/strong><\/p>\n<p>Rob Joyce quickly ran through a list of to-dos for those who are looking to make his job harder. 
He could be forgiven for cutting short this particular portion of his talk.<\/p>\n<p>Speaking candidly, the NSA hacker-in-chief explained that special access privileges to critical systems ought to be restricted to a select few. This inherently makes the NSA\u2019s task difficult as the number of targets is lowered. Furthermore, he nodded toward segmenting networks and vital information and data. Such a move makes it harder for hackers to gain access to what they\u2019re looking for.<\/p>\n<p>The NSA employee also recommends patching systems regularly. Application whitelisting is also important for trust. Hardcoded passwords are a strict no-no and ought to be removed. So too should legacy protocols that aren\u2019t updated and are still functional. More specifically, protocols that transmit passwords in the clear should be curbed.<\/p>\n<p>Joyce also pointed to roadblocks that make his job significantly harder. One such roadblock is an \u201cout-of-band network tap.\u201d This is a device that continually monitors network activity and maintains logs that can record anomalous activity. When a system administrator regularly reads and looks into these logs, the game is up.<\/p>\n<p>Another insight revealed by Joyce goes against popular opinion that state-sponsored hackers via the NSA or other agencies around the world. He claimed that the NSA does not rely on zero-day exploits, not extensively anyway. 
He says the NSA doesn\u2019t heavily look at zero-days, simply because they don\u2019t have to.<\/p>\n<p>\u201c[With] any large network, I will tell you that persistence and focus will get you in, will achieve that exploitation without the zero days,\u201d he says.<\/p>\n<p><strong>There\u2019s so many more vectors that are easier, less risky and quite often more productive than going down that route.<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This is the second entry in a two-part series covering the NSA\u2019s chief hacker\u2019s recent talk at a security conference. Rob Joyce, the head of the Tailored Access Operations program put in place by the NSA to conduct cyberespionage operations &hellip; <a href=\"https:\/\/www.fidcyber.com\/blog\/security\/nsa-chief-hacker-reveals-how-he-can-be-kept-away-part-2\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8,7,9],"tags":[],"class_list":["post-140","post","type-post","status-publish","format-standard","hentry","category-network","category-security","category-technology"],"_links":{"self":[{"href":"https:\/\/www.fidcyber.com\/blog\/wp-json\/wp\/v2\/posts\/140"}],"collection":[{"href":"https:\/\/www.fidcyber.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.fidcyber.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.fidcyber.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.fidcyber.com\/blog\/wp-json\/wp\/v2\/comments?post=140"}],"version-history":[{"count":1,"href":"https:\/\/www.fidcyber.com\/blog\/wp-json\/wp\/v2\/posts\/140\/revisions"}],"predecessor-version":[{"id":142,"href":"https:\/\/www.fidcyber.com\/blog\/wp-json\/wp\/v2\/posts\/140\/revisions\/142"}],"wp:attachment":[{"href":"https:\/\
/www.fidcyber.com\/blog\/wp-json\/wp\/v2\/media?parent=140"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.fidcyber.com\/blog\/wp-json\/wp\/v2\/categories?post=140"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.fidcyber.com\/blog\/wp-json\/wp\/v2\/tags?post=140"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}