National Cyber Security Centre - Ministry of Security and Justice

Factsheets RSS feed

Read the factsheets of the NCSC.

  • Factsheet Choosing a messaging app for your organisation

    September 8, 2017

    Using publicly available messaging apps for business communication involves certain risks and has consequences for both your organisation and information sharing. This factsheet will elaborate on what kind of organisational risks exist when employees use such a publicly available messaging app.

  • Factsheet Indicators of Compromise

    June 1, 2017

    In order to observe malicious digital activities within an organisation, Indicators of Compromise (IoCs) are a valuable asset. With IoCs, organisations can gain quick insights at central points in the network into malicious digital activities. When your organisation observes these activities, it is important to know what you can do to trace back which system is infected....

  • Factsheet Secure the connections of mail servers

    April 4, 2017

    Traditionally, connections between mail servers have hardly been secured. STARTTLS is an extension to provide existing protocols with connection security. If you only use STARTTLS to secure connections between mail servers, this will protect against so-called passive attackers. An active attacker can easily undo the use of STARTTLS. The DANE protocol allows you to...

  • Duplicate PGP Keys

    August 17, 2016

    Recently it was noticed that many duplicate PGP keys have been submitted to the keyservers. These keys have the same ‘user-ID’ (e-mail address) and `key-ID’. The ‘key-ID’ is formed by the last 32 bits of a key. When searching for an e-mail address or short`key-ID’, it is possible that the duplicate key is retrieved. This method has been published in 2014 as the Evil32...

  • Factsheet Use virtualisation wisely

    August 10, 2016

    Virtualisation of ICT services ensures more efficient and flexible use of hardware. This factsheet is about specific risks that arise when you use virtual servers to outsource ICT services. Your virtual server has an unknown number of virtual neighbours on the host. By using the newly discovered Flip Feng Shui attack method, an attacker can penetrate a virtual neighbour...

CSAN 2017

CSAN 2017