The Cybersecurity and Infrastructure Security Agency (CISA) unveiled four new guides on Wednesday, three of which aim to help mitigate risks associated with unmanned aircraft systems (UAS) and one that looks to mitigate cybercriminal activity enabled by bulletproof hosting (BPH) providers.
The three guides that focus on UAS, commonly known as drones, are part of CISA’s Be Air Aware™ resources. They include “,” “Suspicious Unmanned Aircraft System Activity Guidance,” and “Safe Handling Considerations for Downed Unmanned Aircraft Systems.”
“The new risks and challenges from UAS activity demonstrate that the threat environment is always changing, which means our defenses must improve as well,” said Madhu Gottumukkala, CISA’s acting director, in a . “CISA’s Be Air Aware™ resources are designed to empower critical infrastructure owners and operators with the information they need to better safeguard their systems and assets.”
These guides represent a significant step in supporting the actions mandated by an executive order that President Donald Trump signed in June. That order seeks to expand the approved use of UAS in U.S. airspace, employ AI technologies in reviews of drone applications, and facilitate the military’s more extensive use of drone craft.
Government partners, UAS experts, and industry representatives from across critical infrastructure sectors helped develop the three guides.
CISA said the goal is to enhance awareness of the cyber and physical threats posed by UAS, and to provide practical guidance on how to manage UAS risks to critical infrastructure and public events.
As for the fourth guide, “,” CISA said it is intended to provide internet service providers and network defenders with an in-depth overview of this cybercriminal activity. The guide also offers them best practices and resources to safeguard their networks.
CISA produced the guide in partnership with the National Security Agency, Department of Defense Cyber Crime Center, FBI, and international partners.
“Bulletproof hosting is one of the core enablers of modern cybercrime,” Gottumukkala said in a separate press release. “By shining a light on these illicit infrastructures and giving defenders concrete actions, we are making it harder for criminals to hide and easier for our partners to protect the systems Americans rely on every day.”
“BPH providers are increasingly becoming common accomplices, posing an imminent and significant risk to the resilience and safety of critical systems and services,” added Nick Andersen, executive assistant director for the cybersecurity division at CISA. “Our joint BulletProof Defense guide provides actionable information. We encourage ISPs and organizations to review and implement recommended actions to reduce the effectiveness of BPH infrastructure and risk to this threat.”