NSA shares guidance on how to secure your wireless devices
The US National Security Agency (NSA) today published guidance on how to properly secure wireless devices against potential attacks targeting them when traveling or working remotely.
While NSA’s recommendations are designed to help National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) teleworkers, they apply to all remote workers alike.
The info sheet published today by the NSA can help identify potential threats and vulnerable public connections, as well to minimize risks and better secure wireless devices and data.
“Cyber actors can compromise devices over Bluetooth, public Wi-Fi, and Near-Field Communications (NFC), a short-range wireless technology. This puts personal and organizational data, credentials, and devices at risk,” the NSA explains.
“If users must connect to public Wi-Fi, they should take necessary precautions, such as using a personal or corporate-provided virtual private network (VPN) to encrypt the traffic.”
Avoid public hotspots and disable unused wireless radios
Hijacked wireless devices, including laptops, tablets, mobile, and wearable accessories, can lead to the compromise of personal and corporate data, such as credentials and sensitive documents.
To mitigate these risks, the NSA recommends avoiding public Wi-Fi networks as they expose traffic data to theft or manipulation, disabling Bluetooth and NFC radios while in public and not in use to avoid exposing info that can be used to hack the device.
“Users should consider additional security measures, including limiting/disabling device location features, using strong device passwords, and only using trusted device accessories, such as original charging cords,” the NSA added.
“Before conducting business remotely or in public settings users should obtain explicit authorization from their organization to do so.”
Earlier this year, CISA also released advice on securing internet-enabled devices when traveling and urged taking precautions to ensure their physical security and access the internet only over trusted connections to lower the risk of identity theft.
The US intelligence agency has previously shared advice on how to secure voice and video communications, mitigate weak encryption protocols, secure IPsec Virtual Private Networks, and reduce location tracking risks.
Also Read: 5 Types of Ransomware, Distinguished