The National Security Agency, Federal Bureau of Investigation, and Cybersecurity and Infrastructure Security Agency have recently co-published a guide entitled Phishing Guidance: Stopping the Attack Cycle at Phase One. Phishing describes the practices malicious actors use to try to obtain a person's information, in the hope of gaining access to enterprise networks, protected resources, emails, and other sensitive information. These attacks come in many forms; the most common are emails, texts (SMS), or even phone calls, in which the malicious actor attempts to impersonate a friend, family member, coworker, boss, or someone in need. The malicious actor attempts to get the end user to click on a link, attachment, or image, which will download malware onto the end user's device, compromising the device and the information on it. A full list of the recommended mitigation practices can be found in the guide. Recommendations for small and medium-sized businesses and organizations include:

  • User phishing awareness training
  • Identify network phishing vulnerabilities
  • Enable Multi-Factor Authentication (MFA)
  • Implement a strong password policy
  • Implement strong DNS filtering or firewall denylists
  • Implement anti-virus solutions
  • Implement file restriction policies
  • Ensure software applications are set to automatically update
  • Enable safe web browsing policies
  • Implement a secure VPN
  • Reference the Federal Communications Commission’s (FCC) Cyber Planner Guide
  • Consider migrating to managed cloud-based email services from reputable third-party vendors

Published Date: October 24, 2023