NSA touts collaboration wins following year of massive hacks

After a year marked by several unprecedented hacks, the National Security Agency’s Cybersecurity Directorate on Thursday issued an annual report to showcase its collaboration within the federal government and the U.S. private sector and warn that the digital threat landscape remains volatile.

The directorate, established in 2019, was created as a part of an overarching shift by the NSA — once nicknamed “No Such Agency” — to share its technical expertise with the public and private sectors about the kind of attacks hackers are launching and help organizations better defend against digital assaults from nation states like Russia, China and Iran — all of whom continue to improve their tradecraft. 

Last year was roiled by rapid, sweeping cyberattacks, beginning with the SolarWinds espionage campaign that impacted at least nine federal agencies to the ransomware strikes on the Colonial Pipeline, food processing giant JBS and software firm Kaseya before concluding with the discovery of the massive Log4j vulnerability that sent entities around the globe scrambling to button up their networks.

In a letter prefacing the annual report, NSA Cybersecurity Directorate chief Rob Joyce warned that the specter of online threats is likely to grow.

“Our adversaries and cyber criminals continue to push limits in cyberspace, creating more national security threats than we have ever seen,” according to Joyce, who previously served as senior advisor for cybersecurity strategy to the NSA director.

He added that malicious actors are “targeting all levels of U.S. Government, critical infrastructure, industry, academia, private citizens and our allies. This is a shared threat that requires us all to work as a coalition with a common goal.”

Figures from the 28-page annual report:

• Since it was established in 2019 the directorate has issued over 50 “actionable” cybersecurity reports, collaborating with other federal organizations like the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) as well as Five Eyes partner nations.
• The NSA’s Cybersecurity Collaboration Center (CCC) — a 36,000-square-foot unclassified space stood up in 2020 just over the intelligence agency’s fence line — has grown its roster of private industry partners from 10 to over 110.
• The CCC’s Protective Domain Name System (PDNS) pilot processed more than 3.8 billion queries and blocked more than 6.5 million malicious domains, including “known nation-state spear-phishing, botnets and malware.” The center also provided PDNS services to 40 defense industrial base contractors and “expects to scale to hundreds more in the coming year.”
• As U.S. forces withdrew from Afghanistan last summer, the NSA created a one-page visual guide to identify 27 ”current and commonly fielded forms of high assurance communications security (COMSEC) devices” used by the military and intelligence agencies so that they could be removed from the country not “end up in the wrong hands.”