CISA and partners release joint guide to securing remote access software

June 6, 2023
This new joint guide is the result of a collaborative effort to provide an overview of legitimate uses of remote access software, as well as common exploitations and associated tactics, techniques, and procedures.

Today, CISA, Federal Bureau of Investigation (FBI), the National Security Agency (NSA), Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Israel National Cyber Directorate (INCD) released the Guide to Securing Remote Access Software. This new joint guide is the result of a collaborative effort to provide an overview of legitimate uses of remote access software, as well as common exploitations and associated tactics, techniques, and procedures (TTPs), and how to detect and defend against malicious actors abusing this software. 

Remote access software provides organizations with a broad array of capabilities to maintain and improve information technology (IT), operational technology (OT), and industrial control system (ICS) services; however, malicious actors often exploit this software for easy and broad access to victim systems. 

CISA encourages organizations to review this joint guide for recommendations and best practices to implement in alignment with their specific cybersecurity requirements to better detect and defend against exploitation. Additionally, please refer to the additional information below on guidance for MSPs and small- and mid-sized businesses and on malicious use of remote monitoring and management software in using remote software and implementing mitigations.

Sponsored Recommendations

Appdome releases new defenses to combat accessibility malware

Two of the most advanced variants focus on Android banking apps - BrasDex in Latin America and Xenomorph in the U.S. and Europe use Automated Transfer Systems (ATS) malware.

DigiFlight, Inc. welcomes Michael Perrin as Senior Vice President, National Intelligence

With a career spanning 27 years in the U.S. Department of Defense (DoD) and 20 years in the intelligence community, Perrin will serve as DFI's primary point of contact for all...

Sternum shines with UL Solutions’ Diamond Level Qualification for IoT defense

With this UL qualification, Sternum’s Embedded Security and IoT Observability platform is a leading full stack solution that delivers unparalleled runtime protection and continuous...

GSX highlights PKOC demonstration

With PKOC, interoperability is simple, the credential is secure with PKI level authentication and there is no cost for a PKOC compatible credential.