JCDC Remote Monitoring & Management Cyber Defense Summary
The Joint Cyber Defense Collaborative (JCDC) has introduced a Cyber Defense Plan for Remote Monitoring and Management (RMM). RMM software monitors system health and facilitates remote administration. Given the rising misuse of RMM tools by ransomware actors, this has become a concern for small and medium enterprises involved in vital national functions.
The JCDC's plan is a collective effort with its partners to tackle the exploitation of RMM software. This exploitation allows cyber attackers to infiltrate service provider servers and subsequently, a multitude of client networks.
The plan is based on two key pillars:
- Operational Collaboration: Promotes a united effort within the RMM community to boost information sharing, visibility, and innovative cybersecurity solutions. This covers:
- Cyber Threat and Vulnerability Information
- Maintaining an RMM Operational Community
- Cyber Defense Guidance: Educates RMM end-users about potential risks and promotes security best practices. This encompasses:
- End-User Education
- Amplification
On August 16, 2023, CISA unveiled the RMM Cyber Defense Plan through the JCDC. This is the first proactive plan created in collaboration between industry and government to address the risks of RMM software exploitation. The goal is to counter the threats posed by cyber actors accessing managed service provider servers, impacting their vast clientele of small to medium businesses.
This announcement is a significant step following the JCDC 2023 Planning Agenda. It showcases the Collaborative’s commitment to:
- Formulate and synchronise cyber defence strategies
- Enhance operational teamwork and cybersecurity information integration
- Provide and distribute cyber defence guidelines
In taking these measures, CISA, alongside its governmental and private sector partners, aims to notably diminish major cyber risks on a global scale. Organisations are urged to review the detailed RMM Strategic Cyber Defense Plan on the CISA website. The site also provides more insights into JCDC's endeavours to fortify global cyber defence.