Search
Close this search box.

We are creating some awesome events for you. Kindly bear with us.

U.S. Best Practices for Safeguarding Remote Access Software

The Guide to Securing Remote Access Software, together released by the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Multi-State Information Sharing and Analysis Center (MS-ISAC) and Israel National Cyber Directorate (INCD), offers insights on identifying and safeguarding against malicious activities related to this software, including common exploits and associated tactics, techniques, and procedures (TTPs).

Although remote access software offers useful functionalities, it is frequently exploited by malicious actors to bypass detection and establish network connections via cloud-hosted infrastructure. This guide addresses the significance of these techniques, as demonstrated by recent cases.

Derived from an ongoing collaborative initiative between public and private entities, this collective guide furnishes essential guidance to professionals and organisations operating in the domains of information technology (IT), operational technology (OT), and industrial control systems (ICS). It offers a comprehensive set of recommendations encompassing the secure utilisation of remote access software alongside strategies for detecting and mitigating threats from malicious actors who exploit remote access tools for their nefarious purposes.

Eric Goldstein, Executive Assistant Director for Cybersecurity, emphasised the significance of ongoing collaboration with partners in mitigating cyber risks for the public and private sectors. The joint guide is a valuable resource for organisations, providing insights into detecting and mitigating malicious exploitation of remote access software.

Eric Chudow, NSA’s System Threats and Vulnerability Analysis Subject Matter Expert, highlighted the dual nature of remote access as both a useful option and a potential threat vector, stressing the importance of proper security measures to prevent unauthorised control and the application of “living off the land” techniques. The contributions of the Israel National Cyber Directorate were also acknowledged, underscoring the commitment to strong collaboration with U.S. and international partners in delivering timely and actionable guidance to address emerging risks.

Bryan Vorndran, Assistant Director of the FBI’s Cyber Division, expressed the FBI’s commitment to preventing malicious cyber actors from exploiting remote access software networks for malicious purposes. Collaboration with federal, international, and private sector partners is key in combating such threats. Vorndran emphasised the importance of sharing insights from guides like this and reporting computer intrusions to strengthen network defences and prevent future victimisation.

Tom Alexandrovich, Executive Director of the Cyber Defense Division at the INCD, underscored the widespread use of major remote-control tools by APT and ransomware groups in cyber-attacks. These groups take advantage of readily available tools to deploy malware effectively. The joint guide represents a coordinated effort to mitigate these threats, fostering resilience, improving best practices, and safeguarding global cyberspace from common threats and tactics.

The authoring agencies emphasise the importance of network administrators and defenders establishing a security baseline of normal network and software as a crucial initial step in implementing the recommended mitigations outlined in the guide. By understanding and monitoring the baseline, organisations can identify deviations and anomalies indicating potential malicious activities.

This proactive approach allows for a more robust and targeted defence strategy, enhancing the network infrastructure’s overall security posture and resilience in the future.

PARTNER

Qlik’s vision is a data-literate world, where everyone can use data and analytics to improve decision-making and solve their most challenging problems. A private company, Qlik offers real-time data integration and analytics solutions, powered by Qlik Cloud, to close the gaps between data, insights and action. By transforming data into Active Intelligence, businesses can drive better decisions, improve revenue and profitability, and optimize customer relationships. Qlik serves more than 38,000 active customers in over 100 countries.

PARTNER

As a Titanium Black Partner of Dell Technologies, CTC Global Singapore boasts unparalleled access to resources.

Established in 1972, we bring 52 years of experience to the table, solidifying our position as a leading IT solutions provider in Singapore. With over 300 qualified IT professionals, we are dedicated to delivering integrated solutions that empower your organization in key areas such as Automation & AI, Cyber Security, App Modernization & Data Analytics, Enterprise Cloud Infrastructure, Workplace Modernization and Professional Services.

Renowned for our consulting expertise and delivering expert IT solutions, CTC Global Singapore has become the preferred IT outsourcing partner for businesses across Singapore.

PARTNER

Planview has one mission: to build the future of connected work. Our solutions enable organizations to connect the business from ideas to impact, empowering companies to accelerate the achievement of what matters most. Planview’s full spectrum of Portfolio Management and Work Management solutions creates an organizational focus on the strategic outcomes that matter and empowers teams to deliver their best work, no matter how they work. The comprehensive Planview platform and enterprise success model enables customers to deliver innovative, competitive products, services, and customer experiences. Headquartered in Austin, Texas, with locations around the world, Planview has more than 1,300 employees supporting 4,500 customers and 2.6 million users worldwide. For more information, visit www.planview.com.

SUPPORTING ORGANISATION

SIRIM is a premier industrial research and technology organisation in Malaysia, wholly-owned by the Minister​ of Finance Incorporated. With over forty years of experience and expertise, SIRIM is mandated as the machinery for research and technology development, and the national champion of quality. SIRIM has always played a major role in the development of the country’s private sector. By tapping into our expertise and knowledge base, we focus on developing new technologies and improvements in the manufacturing, technology and services sectors. We nurture Small Medium Enterprises (SME) growth with solutions for technology penetration and upgrading, making it an ideal technology partner for SMEs.

PARTNER

HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp tools allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices. 

PARTNER

IBM is a leading global hybrid cloud and AI, and business services provider. We help clients in more than 175 countries capitalize on insights from their data, streamline business processes, reduce costs and gain the competitive edge in their industries. Nearly 3,000 government and corporate entities in critical infrastructure areas such as financial services, telecommunications and healthcare rely on IBM’s hybrid cloud platform and Red Hat OpenShift to affect their digital transformations quickly, efficiently and securely. IBM’s breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and business services deliver open and flexible options to our clients. All of this is backed by IBM’s legendary commitment to trust, transparency, responsibility, inclusivity and service.