7 Feb, 2024
Joint Guidance: Identifying and Mitigating Living Off the Land Techniques
United States. Cybersecurity & Infrastructure Security Agency
United States. Cybersecurity & Infrastructure Security Agency; United States. National Security Agency; United States. Federal Bureau of Investigation; United States. Department of Energy; United States. Environmental Protection Agency; United States. Transportation Security Administration; Australian Cyber Security Centre (ACSC); Canadian Centre for Cyber Security; United Kingdom. National Cyber Security Centre; New Zealand. NCSC
From the document: "This guide [...] provides information on common living off the land (LOTL) techniques and common gaps in cyber defense capabilities. [...] The joint guide for network defenders focuses on how to mitigate identified gaps and to detect and hunt for LOTL activity. The information in this joint guide is derived from a previously published joint advisory [hyperlink]; incident response engagements undertaken by several of the authoring agencies; red team assessments by several of the authoring agencies using LOTL for undetected, persistent access; and collaborative efforts with industry. The authoring agencies have observed cyber threat actors, including the People's Republic of China (PRC) and Russian Federation state-sponsored actors, leveraging LOTL techniques to compromise and maintain persistent access to critical infrastructure organizations. The authoring agencies are releasing this joint guide for network defenders (including threat hunters) as the malicious use of LOTL techniques is increasingly emerging in the broader cyber threat environment."
    Details
  • URL
  • Authors
    United States. Cybersecurity & Infrastructure Security Agency
    United States. National Security Agency
    United States. Federal Bureau of Investigation
    United States. Department of Energy
    United States. Environmental Protection Agency
    United States. Transportation Security Administration
    Australian Cyber Security Centre (ACSC)
    Canadian Centre for Cyber Security
    United Kingdom. National Cyber Security Centre
    New Zealand. NCSC
  • Publisher
    United States. Cybersecurity & Infrastructure Security Agency
  • Date
    7 Feb, 2024
  • Copyright
    Public Domain
  • Retrieved From
    Cybersecurity and Infrastructure Security Agency: www.cisa.gov/
  • Format
    pdf
  • Media Type
    application/pdf
  • Subjects
    Critical infrastructure
    Public key infrastructure (Computer security)
    Cyberinfrastructure--Security measures
    Malware (Computer software)

Citing HSDL Resources

Documents from the HSDL collection cannot automatically be added to citation managers (e.g. Refworks, Endnotes, etc). This HSDL abstract page contains some of the pieces you may need when citing a resource, such as the author, publisher and date information. We highly recommend you always refer to the resource itself as the most accurate source of information when citing. Here are some sources that can help with formatting citations (particularly for government documents).

Worldcat: http://www.worldcat.org/

Indiana University Guide: Citing U.S. Government Publications: http://libraries.iub.edu/guide-citing-us-government-publications
Clear examples for citing specific types of government publications in a variety of formats. It does not address citing according to specific style guides.

Naval Postgraduate School: Dudley Knox Library. Citing Styles: http://libguides.nps.edu/citation
Specific examples for citing government publications according to APA and Chicago style guides. Click on the link for your preferred style then navigate to the specific type of government publication.

Scroll to Top