NSA’s top hacking boss explains how to protect your network from his attack squads
http://www.theregister.co.uk/2016/01/28/nsas_top_hacking_boss_explains_how_to_protect_your_network_from_his_minions/
?x=648&y=348&crop=1
The United States National Security Agency (NSA) is a notoriously secretive organization, but the head of its elite Tailored Access Operations (TAO) hacking team has appeared at Usenixs Enigma conference to tell the assembled security experts how to make his life difficult.
Rob Joyce has spent over a quarter of a century at No Such Agency and in 2013 he became head of TAO, with responsibility for breaking into non-US computer networks run by overseas companies and governments. Joyce's presentation on network security at the event boiled down to one piece of advice.
If you really want to protect your network you have to know your network, including all the devices and technology in it, he said. In many cases we know networks better than the people who designed and run them.
NSA tiger teams follow a six-stage process when attempting to crack a target, he explained. These are reconnaissance, initial exploitation, establish persistence, install tools, move laterally, and then collect, exfiltrate and exploit the data.
much more at link