NSA and CISA Offer Tools to Combat Open-Source Software Cyberthreats

MARCH 1ST, 2022

A recent Forrester blog was headlined “Avoid An Open Source Security Nightmare.” Those potential nightmares become very real when a vulnerability is exposed, and your network is breached. That’s not a far-fetched scenario, given that Forrester’s The State of Application Security 2021 report found that 30 percent of external breaches were caused by software vulnerabilities, while Sonatype reported that open-source software supply-chain attacks increased by 650 percent in 2021. And you need to look no further than the recent Apache Log4j vulnerability for an example of a widely-used open source software vulnerability now being exploited.

These threats have resulted in a much greater government focus on helping organizations that rely on open-source software. That’s why the White House hosted a meeting in January with large-scale public and private organizations that use and maintain open-source software. The discussion focused on three topics:

  • Preventing security defects and vulnerabilities in codes and open-source packages
  • Improving the process for finding defects and fixing them
  • Shortening the response time for distributing and implementing fixes

For IT pros, these events should be a red flag indicating it’s time to take a deeper look at your deployments that depend on open-source software to strengthen your cybersecurity posture. That’s where the National Security Agency (NSA) and Center for Internet Security (CISA) can help. It’s also time to be sure that your disaster recovery plans—especially your data backup and restore capabilities—are ready for action so you can get your organization back up and running quickly if your network is breached or your data is locked up by ransomware. That’s where Arcserve can help. But more on that later.

Stay Informed About CyberThreats and Mitigations

Look to the NSA and its elite technical capability for advisories and mitigations regarding evolving cybersecurity threats. The NSA also hosts an open-source software site, sharing security tools on GitHub for open-source projects that use everything from Apache to Windows.  

CISA hosts its own site with tons of free cybersecurity services and tools. But before you jump into those, CISA lists some basic measures you should take to shore up your defenses today:

  • Fix known software security flaws – CISA even offers a catalog of Known Exploited Vulnerabilities (KEV), so you can identify any vulnerable software that you’re currently using and update it with the vendor’s latest version.
  • Implement multi-factor authentication (MFA) – Use MFA’s layered approach to secure all of your online services that require a login.
  • Practice good cyber hygiene – Replace outdated, end-of-life software and any systems or products that don’t let you update passwords. And put MFA in place all remote or admin access to systems, resources, and databases. You can also sign up for CISA’s Cyber Hygiene Vulnerability Scanning service by sending an email to an address provided on the site, with CISA performing vulnerability scans and delivering weekly reports that help you step up security for all of your internet-facing systems.

Reduce Internet Attack Surfaces

Another valuable tool CISA offers is guidance for a “Get your Stuff Off Search (SOS).” While zero-day attacks make headlines, it’s the little stuff that often provides an entry point into your networks and data. An SOS Search looks at everything from the industrial internet of things (IIoT), supervisory control and data acquisition systems (SCADA), industrial control systems, remote access technologies, and other assets, reducing internet-facing attack surfaces that anyone can find with a web search. While not a government agency, the Open Source Security Foundation (OpenSSF) is another valuable resource to help you tighten security by offering training in secure software development.

Cloud-Based Backup and Disaster Recovery: Your Last Line of Defense

While you should make every effort to enhance your cybersecurity posture—and these tools and services are a great starting point—there is no way to ensure that you won’t suffer a breach, ransomware attack, or any other kind of data disaster. With cloud-based backup and disaster recovery, you can protect your on-premises systems and data in a purpose-built business continuity cloud. While local backups may be enough to recover from a server failure or other common problem, a site-wide disaster will destroy those backups and make recovery challenging at best. When combined with Arcserve’s backup and recovery solutions, Arcserve Cloud Services disaster recovery as a service (DRaaS) that gives you the ability to get critical systems back online quickly and easily.

Find an Arcserve expert technology partner to help you ramp up your recovery capabilities. And if you’re ready to dive into the details of Arcserve’s offerings, check out our demos on demand.

You May Also Like