NSA released the Cybersecurity Information Sheet “Securing Wireless Devices in Public Settings” to help National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) teleworkers identify potential threats and minimize risks to their wireless devices and data.
Cyber actors can compromise devices over Bluetooth, public Wi-Fi, and Near-Field Communications (NFC), a short-range wireless technology. This puts personal and organizational data, credentials, and devices at risk. Devices include laptops, tablets, mobile, wearable, and others that can connect to public wireless technologies. The Cybersecurity Information Sheet describes how to identify potentially vulnerable public connections, secure common wireless technologies, and better protect devices and data.
NSA lists malicious techniques used to target each technology and provides specific recommendations, such as avoiding public Wi-Fi and instead using a personal or corporate mobile hotspot with strong authentication and encryption. If users must connect to public Wi-Fi, they should take necessary precautions, such as using a personal or corporate-provided virtual private network (VPN) to encrypt the traffic.
The guidance throughout helps users understand the risks in using public wireless technologies and enables them to make calculated decisions about the level of risk they accept. At a minimum, NSA recommend disabling Wi-Fi, Bluetooth, and NFC when not in use.
NSA released this information as part of its mission to secure the DoD, DIB, and NSS.
For more information, read the full Cybersecurity Information Sheet.