NCSC Features
Matthew Halvorsen, Strategic Program Director for NCSC’s Supply Chain and Cyber Directorate, recently sat down with Gregory Garcia, the Executive Director for Cybersecurity of the Health Sector Coordinating Council, for an audio interview on current threats to the health care sector. The discussion focused on cyber and supply chain threats, including ransomware, nation-state targeting of COVID-19 research, and other current topics.
This episode is the first in a series of interviews with experts and practitioners from government, industry, research and academia to spotlight threats to key U.S. supply chains and highlight mitigation.
- Check out NCSC’s first podcast interview, click here
- For a transcript of the interview, click here
Guest Speaker
Greg Garcia is the Executive Director for Cybersecurity of the Health Sector Coordinating Council, the convening organization for critical healthcare infrastructure organizations working in partnership with HHS and other government agencies to protect the security and resilience of the sector, patient safety and public health.
Greg was the nation's first DHS Assistant Secretary for Cybersecurity and Communications under President George W. Bush, 2006-09, where among other achievements he initiated the creation of the National Cyber and Communications Integration Center (NCCIC). He also served as executive director of the Financial Services Sector Coordinating Council, stood up the I.T. Sector Coordinating Council, and held executive positions with Bank of America, 3Com Corporation, and the Information Technology Association of America.
Greg also served as professional staff on the Committee on Science in the U.S. House of Representatives, where he helped draft and shepherd enactment of the Cyber Security Research and Development Act of 2002.
The Executive Director of the National Counterintelligence and Security Center has issued her letter of endorsement for the fifth annual National Insider Threat Awareness Month in September 2023. Please join us during September to emphasize the importance of safeguarding our nation by detecting, deterring, and mitigating insider threats. If you would like to increase awareness in your workforce, visit the National Insider Threat Awareness Month website to learn more about the serious risks posed by insider threats and how to recognize and report anomalous/threatening activities to enable early intervention. The web page of the National Insider Threat Task Force also has resources available.
Do you want to connect? Understand that foreign intelligence entities and criminals routinely use deception on social media platforms to try and connect with people who have access to information they want. Before you link online with someone you don’t know, think about the risks it may pose to yourself, your family, your organization and even national security.
The “Nevernight Connection”
The FBI and the National Counterintelligence and Security Center (NCSC) have released a new movie, “The Nevernight Connection,” to raise awareness of how hostile actors use fake profiles and other forms of deception on social media to target individuals in government, business and academic communities for recruitment and information gathering.
Inspired by true events, the 30-minute video details the fictional account of a former U.S. Intelligence Community official targeted by a foreign intelligence service via a fake profile on a professional networking site and recruited to turn over classified information.
The Threat
On professional networking sites and other social media platforms, hostile actors routinely pose as headhunters, interested employers or people with enticing career opportunities in order to connect and develop relationships with people who have access to valuable information.
Over time, they attempt to elicit information from their targets, including about their work and contacts. In some cases, promising targets are offered all-expense-paid trips overseas for meetings or presentations, where they are pressured to turn over more information. Some foreign intelligence services are doing this on a mass scale, targeting thousands of people globally via social media.
While current and former government employees are at risk from these schemes, individuals in the private sector and academic and research communities are also being targeted this way by hostile actors seeking to acquire trade secrets, proprietary data and information about cutting-edge research and technology.
Mitigation
At a minimum, the NCSC and FBI encourage the public to practice basic cyber hygiene when receiving an invitation to connect via social media.
- Never accept an invitation to connect from someone you do not know, even if they are a friend of a friend
- If possible, validate invitation requests through other means before accepting them
- Exercise caution when posting information about yourself, your job and contacts on social media, as it could draw unwanted attention from adversaries and criminals
- Report suspicious online approaches to appropriate authorities
Additional Resources
U.K. Centre for the Protection of National Infrastructure (CPNI)
- “Think Before You Link” — These CPNI materials provide advice on how to recognize malicious online profiles, realize the threat they pose, respond appropriately and minimize the risk of being targeted in the first place
- “Glitch” — This CPNI video identifies how hostile actors use professional networking sites to build relationships with targets and attempt to access sensitive information
National Counterintelligence and Security Center (NCSC)
- “Know the Risk: Raise Your Shield” — Video on social media deception
- “Don’t Be This Guy” — Additional video on social media deception
- “Social Media Deception” — Additional video on social media deception
- NCSC Social Media Deception poster and infographic
- NCSC Social Engineering poster and infographic
These unclassified, "Safeguarding Our Future " bulletins provide a brief overview of a specific foreign intelligence threat, as well as impacts of that threat and steps for mitigation.
19 November 2024 NCSC, CISA Safeguarding Our Critical Infrastructure bulletin – Vigilance Makes a Difference
24 July 2024 NCSC, OESET, AFOSI, NCIS Safeguarding Our Innovation bulletin – Protecting U.S. Emerging Technology Companies from Investment by Foreign Threat Actors
5 June 2024 NCSC, FVEY Safeguarding Our Military Expertise bulletin – Foreign Companies Continue to Recruit Current and Former Western Service Members to Bolster the PRC’s Military
12 October 2023 NCSC / FBI Safeguarding Our Future bulletin – Russian Intelligence Poses a Persistent Threat to the United States
11 October 2023 NCSC Brochure – Enterprise Risk Mitigation Blueprint for Non-Intelligence Agencies
18 August 2023 NCSC / FBI / Air Force Office of Special Investigations bulletin – Safeguarding the U.S. Space Industry
30 June 2023 NCSC Safeguarding Our Future bulletin – U.S. Business Risk: People’s Republic of China (PRC) Laws Expand Beijing’s Oversight of Foreign and Domestic Companies
28 March 2023 NCSC / FBI Safeguarding the Public bulletin – Don't Be a Pawn of Repressive Foreign Governments
- Arabic -- Don't Be a Pawn of Repressive Foreign Governments
- Chinese (simplified)-- Don't Be a Pawn of Repressive Foreign Governments
- Chinese (traditional)-- Don't Be a Pawn of Repressive Foreign Governments
- Farsi -- Don't Be a Pawn of Repressive Foreign Governments
- Russian -- Don't Be a Pawn of Repressive Foreign Governments
- Spanish -- Don't Be a Pawn of Repressive Foreign Governments
- Turkish -- Don't Be a Pawn of Repressive Foreign Governments
- Korean -- Don't Be a Pawn of Repressive Foreign Governments
- French -- Don't Be a Pawn of Repressive Foreign Governments
- Urdu -- Don't Be a Pawn of Repressive Foreign Governments
- Uyghur -- Don't Be a Pawn of Repressive Foreign Governments
2 November 2022 NCSC Safeguarding Our Future bulletin – Virtual Telework Platforms: Strengthen Your Posture to Guard Your Data
14 September 2022 NCSC Fact Sheet – Foreign Collection Methods: Indicators and Countermeasures
6 July 2022 NCSC Safeguarding Our Future bulletin – Protecting Government and Business Leaders at the U.S. State and Local Level from People’s Republic of China (PRC) Influence Operations
25 May 2022 NCSC Safeguarding the Public bulletin – Pro-Ukraine Individuals and Businesses at Increased Risk for Online Russian Influence and Surveillance Campaigns
31 January 2022 NCSC Safeguarding Our Future bulletin – Protecting Personal Health Data from Foreign Exploitation
7 January 2022 NCSC / State Department bulletin – Protect Yourself: Commercial Surveillance Tools
14 December 2021 NCSC Fact Sheet – Protect Your Organization from the Foreign Intelligence Threat
22 October 2021 NCSC Fact Sheet – Protecting Critical and Emerging U.S. Technologies from Foreign Threats
18 October 2021 NCSC / Office of the Cyber Executive Safeguarding Our Future bulletin -- HAFNIUM Compromises MS Exchange Servers
13 October 2021 NCSC / Office of the Cyber Executive Safeguarding Our Future bulletin – Kaseya VSA Supply Chain Ransomware Attack
5 October 2021 NCSC / Office of the Cyber Executive Safeguarding Our Future bulletin – SolarWinds Orion Software Supply Chain Attack
8 April 2021 FBI/NCSC Safeguarding Our Future bulletin – Secure America’s Future in Quantum: Protect Your Research
1 February 2021 NCSC Fact Sheet -- China’s Collection of Genomic and other Healthcare Data from America: Risks to Privacy and U.S. Economic and National Security
26 August 2020 NCSC Safeguarding Our Election bulletin -- Foreign Adversaries Could Use Deepfakes to Influence U.S. Elections
20 August 2020 NCSC Safeguarding Our Election bulletin -- Foreign Adversaries are Targeting U.S. Elections with Disinformation
13 August 2020 NCSC Safeguarding Our Future bulletin -- Keep the Healthcare and Public Health Sector Supply Chain Safe
23 July 2020 NCSC Safeguarding Our Future bulletin -- Prevent Foreign Governments from Undermining Our Public Health through Disinformation
6 July 2020 NCSC Safeguarding Our Future bulletin -- Virtual Telework Platforms – Protect Your Company Information
25 June 2020 NCSC Safeguarding Our Future bulletin -- Protect your organization's crown jewels
19 June 2020 NCSC Safeguarding Our Future bulletin -- Beware of foreign gifts with strings attached
10 June 2020 NCSC Safeguarding Our Future bulletin -- Don't let foreign actors hijack your research!
27 May 2020 NCSC Safeguarding Our Future bulletin -- Would you want a foreign government to have your DNA?
Check back for more bulletins coming in the future!
Below are links to the press release and the National Counterintelligence Strategy
NCSC’s “Wall of Spies Experience” provides more than 200 stories of espionage and sabotage from our country’s founding to contemporary times.
