This is how to avoid NSA spying from you
Security

This is how to avoid NSA spying from you

There those we would call the enemies of the internet freedom which the number one of them is the government, then the bad hackers.

There are some top government organiation who are spying on our online activities every moment  on the internet. One of them is the National Security Agency (NSA) who holds top position for spying our online activities in search for terrorists. They have more advanced tools that can be able to make them gain usefull information about peoples activities in the whole of the internet.

Recently, the NSA chief hacker explained how this can be avoided and to protect your network from intruders such as the NSA’s Tailored Access Operations Unit.

NSA Chief Hacker Tip To Avoid NSA Spying

The head of the National Security Agency’s Tailored Access Operations Unit known as the NSA chief hacker, Rob Joyce, give some advice to a roomful of computer security professionals and academics on how to keep people like him and his colleagues out of their systems.

NSA’s Tailored Access Operations [TAO], which is the government’s top hacking team who identifies, monitors, infiltrates, and gathers intelligence on computer systems being used by entities foreign to the United States. It has been active since 1998.

Rob Joyce has been working with the NSA for more than 25 years and became head of the TAO division in April 2013.

The Register reported  Joyce’s presentation on Wednesday at the Enigma conference, a new security conference in San Francisco, explaining how TAO operates, and advising the attendees on how to prevent state-level actors from infiltrating and exploiting their networks and IT systems.

There ways that the NSA get to your network and spoof out data. NSA tiger teams follow a six-stage process when attempting to crack a target, he explained. These are reconnaissance, initial exploitation, establish persistence, install tools, move laterally, and then collect, exfiltrate and exploit the data.

He said the goal is to find weak points, whether they be within the network architecture, or in staff who maybe work from home or bring in unauthorized devices. There’s also areas where the target network interconnects with other computer systems, like heating and ventilation controllers, which can be useful for an attack.

Once weak points are identified, intruders who can’t simply use stolen credentials to loot data from a system will plant various malware tools, create “back door” access for themselves, and otherwise establish the presence they need to carry out the rest of the six-stage attack plan.

Joyce noted that malware tools have become difficult to detect, with today’s threats coming from people who know their stolen data begins losing its value the moment they are discovered.

He also pointed out that many of these malware tools are relatively simple pieces of code, because it’s distressingly easy to trick users into downloading and activating them.

“If you really want to protect your network you have to know your network, including all the devices and technology in it,” Joyce said. “In many cases we know networks better than the people who designed and run them.”

To protect against this, admins need to lock things down as far as possible; whitelisting apps, locking down permissions, and patching as soon as possible, and use reputation management. If a seemingly legitimate user is displaying abnormal behavior, like accessing network data for the first time, chances are they have been compromised, he said.

Reputation-based tools are particularly useful against malware, Joyce explained. Signature-based antivirus won’t protect you against a unique piece of attack code, but when used in conjunction with reputation databases it can be effective – if code or a domain hasn’t been seen before there’s a high chance it’s dodgy.

Joyce stressed that off-site backups are more important than ever for big networks, because nation-state hackers are sometimes interested in destroying data, not just copying it.

He cited cases where NSA hackers have performed penetration testing, issued a report on vulnerabilities, and then when they go back two years later to test again found the same problems had not been fixed. When the NSA hacking squad comes back, he said, the first thing they do is investigate previously reported flaws and it’s amazing how many remain un-patched even after the earlier warning.

Be careful the way you operate the internet. They are watching you. This made one of the great hackers, Edward Snowden, expose them of all their activities.

If this post make changes to you your point of view on the information. Please like and share and comment below.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.