Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Joint Cybersecurity Advisory Issued by Australia, Canada, New Zealand, the UK and the US

October 6, 2020

On September 1, the cybersecurity authorities of Australia, Canada, New Zealand, the United Kingdom, and the United States issued a joint advisory highlighting technical approaches to uncovering malicious cyberactivity, with suggested mitigation practices. One suggestion is to analyze data in various ways to identify normal traffic patterns, so that anomalous activity is more easily identified.

The advisory lists investigative steps to help identify suspicious activity. These include identifying file names that suggest data exfiltration, watching for new connections on previously unused ports, and detecting unauthorized connections to known threat indicators. The document highlights common mistakes in handling security incidents, warning against some immediate responses that might result in adverse consequences. For instance, you want to avoid tipping off threat actors (which might make them cover their tracks or take more serious actions such as activating ransomware) and changing data that might have helped analyze an attack.

The 14-page document highlights recommended investigation and remediation processes. These are divided into general mitigation guidance and pre-incident best practices. Best practices include defensive techniques and programs to make it more difficult for a threat actor to get persistent, undetected access to a network. Knowing that no single technique, program, or set of defensive techniques or programs will completely prevent attacks, the advisory recommends a layered approach with multiple defensive techniques and programs to provide a complex barrier to entry, increase the likelihood of detection, and decrease the likelihood of a successful attack.

Fourteen pages makes for relatively light reading. Coffee will help.

HT to Dave Ries.

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email: Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson

Sharon D. Nelson, Esq.
President

Subscribe in a Reader

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Ride the Lightning

Joint Cybersecurity Advisory Issued by Australia, Canada, New Zealand, the UK and the US

Subscribe for More!

Recent Posts

Listen to the Podcast

Disclaimer