NSA Jointly Releases Technical Guidance For Mitigating Active Directory Attacks
https://www.nsa.gov/

The National Security Agency (NSA) joins the Australian Signals Directorate’s Australian Cyber Security Centre (ASD ACSC) and others in releasing the Cybersecurity Technical Report (CTR), “Detecting and Mitigating Active Directory Compromises.” The guidance provides prevention and detection strategies for the most prevalent techniques used to target Active Directory (AD).

Active Directory (AD) is Microsoft's proprietary directory service. It runs on Windows Server and enables administrators to manage permissions and access to network resources. Active Directory stores data as objects.

Gaining control over AD gives malicious actors privileged access to all systems and users managed by AD, according to the CTR. With privileged access, malicious actors can bypass other controls and access systems, including email and file servers, and critical business applications. Malicious actors can also modify AD information to establish persistent access and remotely log in to organizations, bypassing multi-factor authentication (MFA) controls.

“Like numerous other networks, Active Directory is used in many Department of Defense and Defense Industrial Base networks as a critical component for managing identities and access,” said Dave Luber, NSA Cybersecurity Director. “This makes it an attractive target for malicious actors to attempt to steal the proverbial ‘keys to the kingdom.’ Taking steps to properly defend AD from these common and advanced techniques will detect and prevent adversary activities and protect sensitive data from determined malicious cyber actors.”

First released by Microsoft in 1999, Active Directory is the most widely used authentication and authorization solution in enterprise Information Technology (IT) networks globally. This guidance addresses the most common techniques used against Active Directory Domain Services, Active Directory Federation Services, and Active Directory Certificate Services, detailing each technique and how to mitigate it.


Read the full report here.

alexander urquhart

Account Executive at Streamerz101

5 months ago

time take our syy sea space loworbet satalights rasbery oi got oi sypy sat prograno wood like funding for lazer defecze netwirk 2o28 scotish sla znd newc conceots we can butn out these drones with lazer

We appreciate the NSA's detailed strategies on Active Directory security. Offensive Security Manager (OSM) at www.ofsecman.io offers AI-powered predictive risk management and data analytics, seamlessly integrating with diverse security tools. OSM enhances operational efficiency, strategic threat analysis, and compliance-guided planning, aligning with the NSA's recommendations. Visit www.ofsecman.io to learn more. #cybersecurity #infosec #activedirectory #offensivesecuritymanager #offensivesecurity

An essential read for anyone managing an Active Directory environment. The NSA’s comprehensive strategies for detecting and mitigating compromises are critical in today's cybersecurity landscape.

Simon Alonso Sanchez

Computer Science Engineer as Senior System Administrator

5 months ago

I agree
