HomeTech PlusTECH & OTHER NEWSNSA urges system administrators to replace obsolete TLS protocols

NSA urges system administrators to replace obsolete TLS protocols

cheeto-lock.jpg
Image: kt000545 on Reddit

The US National Security Agency has issued a security advisory [PDF] this month urging system administrators in federal agencies and beyond to stop using old and obsolete TLS protocols.

“NSA recommends that only TLS 1.2 or TLS 1.3 be used; and that SSL 2.0, SSL 3.0, TLS 1.0, and TLS 1.1 not be used,” the agency said.

“Using obsolete encryption provides a false sense of security because it seems as though sensitive data is protected, even though it really is not,” the agency added.

Also: Best VPNs • Best security keys • Best antivirus

Even if TLS 1.2 and TLS 1.3 are deployed, the NSA warns against configuring these two protocols with weak cryptographic parameters and cipher suites.

“Especially weak encryption algorithms in TLS 1.2 are designated as NULL, RC2, RC4, DES, IDEA, and TDES/3DES; cipher suites using these algorithms should not be used,” the agency added.

“TLS 1.3 removes these cipher suites, but implementations that support both TLS 1.3 and TLS 1.2 should be checked for obsolete cipher suites.”

The US cybersecurity agency has published a list of tools on its GitHub profile to help system administrators with the task of identifying systems on their internal networks still using obsolete TLS protocol configurations.

Similar messaging from the Netherlands

The NSA advisory, published on January 5, was echoed yesterday by the agency’s counterpart in the Netherlands, the Dutch National Cyber Security Center.

In a similar alert [PDF], the Dutch NCSC also recommended that Dutch government agencies and private companies move to TLS 1.3 as part of a “future-proof” configuration approach.

The two alerts come after, in mid-2020, major web browsers stopped supporting TLS 1.0 and TLS 1.1, citing security reasons. In March 2020, security firm Netcraft reported that around 850,000 websites were still using TLS 1.0 and TLS 1.1 to encrypt their HTTPS traffic, a number that has since slowly gone down.

In its advisory, the NSA warned that new attacks against TLS protocols are always being discovered and that organizations should use the latest TLS protocol versions to “always stay ahead of malicious actors’ abilities and protect important information.”

By ZDNet Source Link

Technology For You
Technology For Youhttps://www.technologyforyou.org
Technology For You - One of the Leading Online TECHNOLOGY NEWS Media providing the Latest & Real-time news on Technology, Cyber Security, Smartphones/Gadgets, Apps, Startups, Careers, Tech Skills, Web Updates, Tech Industry News, Product Reviews and TechKnowledge...etc. Technology For You has always brought technology to the doorstep of the Industry through its exclusive content, updates, and expertise from industry leaders through its Online Tech News Website. Technology For You Provides Advertisers with a strong Digital Platform to reach lakhs of people in India as well as abroad.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

spot_img

CYBER SECURITY NEWS

TECH NEWS

TOP NEWS