NIST Publishes Tools to Help Protect Data from State-Sponsored Hackers
Thursday, February 4, 2021
breakthrough hacker
Print Mail Download i

The National Institutes of Science and Technology (NIST) continues to offer timely and relevant information for companies to consider when addressing cyber-risks in an ever-changing landscape.

 On February 2, 2021, NIST published an alert outlining tools it has developed to assist companies “to help defend against state-sponsored hackers.” According to its press release, nation-state actors, also known as “advanced persistent threat” (APT), are targeting both governmental agencies and private industry and academia in order to steal “sensitive but unclassified information,” known as ‘controlled unclassified information’ (CUI), that the government relies on “to carry out a wide range of missions using information systems” and, therefore, the “protection of sensitive federal information that resides in nonfederal systems…is of paramount importance, as it can directly impact the federal government’s ability to carry out its operations.”

Following the Chinese government’s 2018 hack of a third-party contractor of the United States Navy in which, according to the Washington Post, the Chinese government “stole a large amount of highly sensitive data on undersea warfare,” NIST developed and published its draft Special Publication SP 800-172 to assist in protecting CUI against APT.

After public comment, the final publication of SP 800-172 Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST SP 800-171 was released this week for private companies, industry and academia to adopt NIST-developed tools that provide “additional recommendations for handling CUI in situations where that information runs a higher than usual risk of exposure. CUI includes a wide variety of information types, from individuals’ names or Social Security numbers to critical defense information.”

According to NIST, “implementing the cyber safeguards in SP 800-172 will help system owners protect what state-level hackers have considered to be particularly high-value targets: sensitive information about people, technologies, innovation and intellectual property the revelation of which could compromise our economy and national security.”

NIST provides help to all of us in defending against cyber-attacks. NIST says, “The adversaries are bringing their ‘A-game” in these cyberattacks 24 hours a day, 7 days a week…You can start making sure the damage is minimized if you use SP 800-172’s cyber safeguards.”

Take a look at the tools and consider using them to enhance the security of your high-risk data.

Copyright © 2024 Robinson & Cole LLP. All rights reserved.

Current Legal Analysis

More from Robinson & Cole LLP

Privacy Tip #394 – Colorado Amends Privacy Law to Include Neurodata
by: Linn F. Freedman
New Threat: Scattered Spider International Coalition of Hackers
by: Linn F. Freedman
Joint Guidance Published by Five Eyes on Deploying AI Systems Securely
by: Linn F. Freedman
U.S. Government Intervenes in Case Alleging Unauthorized Disclosure of CUI
by: Data Privacy & Cybersecurity Robinson Cole
DoorDash Settles with California Attorney General for Alleged Violations of the CCPA
by: Kathryn M. Rattigan
The State of AI Governance and Diversity: Takeaways from the AI Index Report
by: Blair V. Robinson
Weight Loss, Miracle Medications & the Workplace
by: Abby M. Warren
Additional States Implement Notice Requirements for Healthcare Transactions
by: Leslie J. Levinson , Danielle H. Tangorre
Privacy Tip #393 – Phishing, Smishing, Vishing and Qrishing Schemes Continue to Dupe Users
by: Linn F. Freedman
Congress Introduces Promising Bipartisan Privacy Bill
by: Blair V. Robinson

Upcoming Legal Education Events

 

NLR Logo

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins