NCSC Features

Podcast Graphic Landing Pageresize1




Matthew Halvorsen, Strategic Program Director for NCSC’s Supply Chain and Cyber Directorate, recently sat down with Gregory Garcia, the Executive Director for Cybersecurity of the Health Sector Coordinating Council, for an audio interview on current threats to the health care sector. The discussion focused on cyber and supply chain threats, including ransomware, nation-state targeting of COVID-19 research, and other current topics.


This episode is the first in a series of interviews with experts and practitioners from government, industry, research and academia to spotlight threats to key U.S. supply chains and highlight mitigation.


  •  Check out NCSC’s first podcast interview, click here
  •  For a transcript of the interview, click here


Guest Speaker

GG Headshotresize2


Greg Garcia is the Executive Director for Cybersecurity of the Health Sector Coordinating Council, the convening organization for critical healthcare infrastructure organizations working in partnership with HHS and other government agencies to protect the security and resilience of the sector, patient safety and public health.


Greg was the nation's first DHS Assistant Secretary for Cybersecurity and Communications under President George W. Bush, 2006-09, where among other achievements he initiated the creation of the National Cyber and Communications Integration Center (NCCIC). He also served as executive director of the Financial Services Sector Coordinating Council, stood up the I.T. Sector Coordinating Council, and held executive positions with Bank of America, 3Com Corporation, and the Information Technology Association of America.


Greg also served as professional staff on the Committee on Science in the U.S. House of Representatives, where he helped draft and shepherd enactment of the Cyber Security Research and Development Act of 2002.


The National Counterintelligence and Security Center



“Securing our election requires a whole-of-society approach. Every American has a role to play, especially since the American voter is the primary target of foreign influence and disinformation efforts. The women and men of the Intelligence Community will continue to be vigilant in protecting America, but we need your participation in this effort.  As Americans, we are all in this together. I encourage you to stay informed and vote!  By doing so, you'll not only help protect our elections, but also send a clear message to our adversaries. We decide who our elected officials are.”


— NCSC Director Bill Evanina







On October 6 2020, NCSC Director Bill Evanina, FBI Director Chris Wray, NSA Director Paul Nakasone, and CISA Director Chris Krebs released a Public Service Announcement on the security of the upcoming 2020 election. Click here to watch the video on YouTube.








7 August 2020: Statement by NCSC Director William Evanina: Election Threat Update for the American Public


28 July 2020: Statement by NCSC Director William Evanina: 100 Days Until Election 2020






26 August 2020 NCSC Safeguarding Our Election bulletin: Foreign Adversaries Could Use Deepfakes to Influence U.S. Elections


20 August 2020 NCSC Safeguarding Our Election bulletin: Foreign Adversaries are Targeting U.S. Elections with Disinformation






 22 October 2020: Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets


22 October 2020: Iranian State-Sponsored Advanced Persistent Threat Actors Threaten Election-Related Systems


02 October 2020: Spoofed Internet Domains and Email Accounts Pose Cyber and Disinformation Risks to Voters

01 October 2020: Foreign Actors Likely to Use Online Journals to Spread Disinformation Regarding 2020 Elections

30 September 2020: Distributed Denial of Service Attacks Could Hinder Access to Voting Information, Would Not Prevent Voting

28 September 2020: False Claims of Hacked Voter Information Likely Intended to Cast Doubt on Legitimacy of U.S. Elections

24 September: Cyber Threats to Voting Processes Could Slow But Not Prevent Voting

22 September 2020 Foreign Actors and Cybercriminals Likely to Spread Disinformation Regarding 2020 Election Results






Election Security Information Needs — NCSC
NCSC’s informational brochure on foreign threats to U.S. elections and the potential activities that foreign adversaries can undertake to undermine election security.




Election Security -- ODNI 

ODNI collaborates with federal departments and agencies, state and local government, election officials and other valued partners to help protect our elections and maintain transparency with the American public about our efforts.





Protected Voices – FBI
The Protected Voices initiative provides tools and resources to political campaigns, companies and individuals to protect against online foreign operations and cyber threats.





Election Security – DHS
Department of Homeland Security resources on election security, infrastructure and services.





Election Security – CISA
Cybersecurity and Infrastructure Security Agency resources on election infrastructure security and election risk management.





#TrustedInfo2020 – National Association of Secretaries of State
The #TrustedInfo2020 education initiative is a collaborative effort from the country’s Secretaries of State, along with other state and local election officials, who hope to inform the public of trusted sources of election information.





Elections and COVID-19 — U.S. Election Assistance Commission    
Resources for voters and election officials related to COVID-19, education and training.






20210617 NITAM


The Acting Director of the National Counterintelligence and Security Center has issued his letter of endorsement for the third annual National Insider Threat Awareness Month in September 2021.  Please join us during September to emphasize the importance of safeguarding our nation by detecting, deterring, and mitigating insider threats.  If you would like to increase awareness in your workforce, visit the National Insider Threat Awareness Month website to learn more about the serious risks posed by insider threats and how to recognize and report anomalous/threatening activities to enable early intervention. The web page of the National Insider Threat Task Force also has resources available.

20200928 nevernight


Do you want to connect?  Understand that foreign intelligence entities and criminals routinely use deception on social media platforms to try and connect with people who have access to information they want.  Before you link online with someone you don’t know, think about the risks it may pose to yourself, your family, your organization and even national security.


The “Nevernight Connection”

The FBI and the National Counterintelligence and Security Center (NCSC) have released a new movie, “The Nevernight Connection,” to raise awareness of how hostile actors use fake profiles and other forms of deception on social media to target individuals in government, business and academic communities for recruitment and information gathering.


Inspired by true events, the 30-minute video details the fictional account of a former U.S. Intelligence Community official targeted by a foreign intelligence service via a fake profile on a professional networking site and recruited to turn over classified information.



The Threat

On professional networking sites and other social media platforms, hostile actors routinely pose as headhunters, interested employers or people with enticing career opportunities in order to connect   and develop relationships with people who have access to valuable information.


Over time, they attempt to elicit information from their targets, including about their work and contacts. In some cases, promising targets are offered all-expense-paid trips overseas for meetings or presentations, where they are pressured to turn over more information. Some foreign intelligence services are doing this on a mass scale, targeting thousands of people globally via social media.  

While current and former government employees are at risk from these schemes, individuals in the private sector and academic and research communities are also being targeted this way by hostile actors seeking to acquire trade secrets, proprietary data and information about cutting-edge research and technology.



At a minimum, the NCSC and FBI encourage the public to practice basic cyber hygiene when receiving an invitation to connect via social media. 


  • Never accept an invitation to connect from someone you do not know, even if they are a friend of a friend
  • If possible, validate invitation requests through other means before accepting them
  • Exercise caution when posting information about yourself, your job and contacts on social media, as it could draw unwanted attention from adversaries and criminals
  • Report suspicious online approaches to appropriate authorities


Additional Resources 

U.K. Centre for the Protection of National Infrastructure (CPNI)

  • “Think Before You Link” — These CPNI materials provide advice on how to recognize malicious online profiles, realize the threat they pose, respond appropriately and minimize the risk of being targeted in the first place
  • “Glitch” — This CPNI video identifies how hostile actors use professional networking sites to build relationships with targets and attempt to access sensitive information


National Counterintelligence and Security Center (NCSC)





These unclassified, "Safeguarding Our Future " bulletins provide a brief overview of a specific foreign intelligence threat, as well as impacts of that threat and steps for mitigation.


25 May 2022 NCSC Safeguarding the Public bulletin  – Pro-Ukraine Individuals and Businesses at Increased Risk for Online Russian Influence and Surveillance Campaigns


31 January 2022 NCSC Safeguarding Our Future bulletin – Protecting Personal Health Data from Foreign Exploitation


7 January 2022 NCSC / State Department bulletin – Protect Yourself: Commercial Surveillance Tools


14 December 2021 NCSC Fact Sheet – Protect Your Organization from the Foreign Intelligence Threat


22 October 2021 NCSC Fact Sheet – Protecting Critical and Emerging U.S. Technologies from Foreign Threats


18 October 2021 NCSC / Office of the Cyber Executive Safeguarding Our Future bulletin -- HAFNIUM Compromises MS Exchange Servers


13 October 2021 NCSC / Office of the Cyber Executive Safeguarding Our Future bulletin – Kaseya VSA Supply Chain Ransomware Attack


5 October 2021 NCSC / Office of the Cyber Executive Safeguarding Our Future bulletin – SolarWinds Orion Software Supply Chain Attack


8 April 2021 FBI/NCSC Safeguarding Our Future bulletin – Secure America’s Future in Quantum: Protect Your Research


1 February 2021 NCSC Fact Sheet -- China’s Collection of Genomic and other Healthcare Data from America: Risks to Privacy and U.S. Economic and National Security


26 August 2020 NCSC Safeguarding Our Election bulletin -- Foreign Adversaries Could Use Deepfakes to Influence U.S. Elections


20 August 2020 NCSC Safeguarding Our Election bulletin -- Foreign Adversaries are Targeting U.S. Elections with Disinformation 


13 August 2020 NCSC Safeguarding Our Future bulletin -- Keep the Healthcare and Public Health Sector Supply Chain Safe


23 July 2020 NCSC Safeguarding Our Future bulletin -- Prevent Foreign Governments from Undermining Our Public Health through Disinformation


6 July 2020 NCSC Safeguarding Our Future bulletin -- Virtual Telework Platforms – Protect Your Company Information


25 June 2020 NCSC Safeguarding Our Future bulletin -- Protect your organization's crown jewels


19 June 2020 NCSC Safeguarding Our Future bulletin -- Beware of foreign gifts with strings attached


10 June 2020 NCSC Safeguarding Our Future bulletin -- Don't let foreign actors hijack your research!


27 May 2020 NCSC Safeguarding Our Future bulletin -- Would you want a foreign government to have your DNA?



Check back for more bulletins coming in the future!

Below are links to the press release, executive summary, and National Counterintelligence Strategy of the United States 2020-2022




National Counterintelligence and Security Center