Reducing the Attack Surface for End-of-Support Edge Devices
TLP:CLEAR
Introduction
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.K.’s National Cyber Security Centre (NCSC) are releasing this fact sheet to urge defensive action against malicious cyber activity by nation-state threat actors. Nation-state threat actors exploit end-of-support (EOS) edge devices—including, but not limited to, load balancers, firewalls, routers, and virtual private network (VPN) gateways—to gain network access, maintain presence, and compromise sensitive data.
Organizations using EOS devices are particularly vulnerable to compromise, especially if they are using EOS devices exposed to the public internet or external systems at the network’s “edge.” CISA’s Binding Operational Directive (BOD) 26-02: Mitigating Risk From End-of-Support Edge Devices requires U.S. Federal Civilian Executive Branch (FCEB) agencies to manage the lifecycle of edge devices to defend against malicious cyber activity. Although the BOD 26-02 requirement only applies to FCEB agencies, CISA, FBI, and NCSC strongly encourage organizations to follow the guidance in the BOD and this fact sheet to safeguard systems, data, and operations from nation-state threat actors.
What Are EOS Edge Devices?
Edge devices include technology that resides on the boundary of an organization’s network and is accessible from the public internet and other external environments. An edge device becomes an “end-of-support” or “unsupported” device when its manufacturer no longer:
- Monitors it for defects in its software and/or firmware, and
- Updates it with patches for common vulnerabilities and exposures (CVEs), security updates, and software fixes (hotfixes).
EOS edge devices pose significant risks for organizations because threat actors can exploit unresolved security gaps. Nation-state threat actors can exploit these devices as entry points to access modern, supported environments, placing organizations’ data, services, and overall security at serious risk. EOS devices may also cause compatibility issues that disrupt productivity.
Mitigations
Organizations should be prepared to respond to malicious cyber activity. As the nation’s cyber defense agency, CISA and its partners stand ready to help prepare organizations to respond to and mitigate the impact of malicious cyber activity. CISA and its partners strongly urge all organizations to review BOD 26-02 and implement the following mitigations.