NCSC and DoS unveil guidance on surveillance tool attacks

The US National Counterintelligence and Security Center and the Department of state have issued guidance on protecting against attacks that use commercial surveillance tools.

According to Security Affairs, the joint guidance provides best practices on defending against attacks carried out by threat actors using commercial surveillance tools.

In the joint guidance, the two organisations provide a list of cybersecurity practices to help mitigate the risk of exposure to attacks using these tools. These including regularly updating device operating systems and mobile applications and being suspicious of content from unfamiliar senders.

Users should also not click on suspicious links or suspicious emails and attachments and should check URLs before clicking them. They should also regularly restart mobile devices, which can help to damage or remove malware implants. Encrypting and password protecting your device is also recommended, as well as maintaining physical control of your device when possible.

The NCSC and the DoS additionally called on users to use trusted virtual private networks and disable geo-location options and cover camera on devices.

The guidance read, “Journalists, dissidents, and other persons around the world have been targeted and tracked using these tools, which allow malign actors to infect mobile and internet-connected devices with malware over both WiFi and cellular data connections. In some cases, malign actors can infect a targeted device with no action from the device owner. In others, they can use an infected link to gain access to a device.”

Copyright © 2022 RegTech Analyst

Enjoyed the story? 

Subscribe to our weekly RegTech newsletter and get the latest industry news & research

Copyright © 2018 RegTech Analyst

Investors

The following investor(s) were tagged in this article.