US cyber officials issue sweeping directive requiring federal agencies to update systems vulnerable to hacking

Nov 3, 2021, 12:22 PM | Updated: 12:24 pm
US officials issued a sweeping directive on November 3 requiring federal civilian agencies to promp...
US officials issued a sweeping directive on November 3 requiring federal civilian agencies to promptly update hardware and software that is vulnerable to hacking following multiple breaches of government networks in recent years. Mandatory Credit: Shutterstock via CNN

    (CNN) — US officials issued a sweeping directive on Wednesday requiring federal civilian agencies to promptly update hardware and software that is vulnerable to hacking following multiple breaches of government networks in recent years.

The directive gives agencies just two weeks to remediate newly discovered software vulnerabilities, and requires agencies to have a process in place for mitigating the impact of those security issues. The directive does not apply to the Pentagon, which is in charge of its own networks.

The new policy comes after multiple warnings from US cybersecurity officials and outside experts that federal defenses have not kept pace with attempts by cybercriminals and state-sponsored hackers to access sensitive federal information. Alleged Russian hackers were able to go undetected for months last year in the unclassified networks of agencies such as the Justice Department before a private firm discovered the intrusions.

The directive sends a “clear message to all organizations across the country” to address vulnerabilities that hackers are actively exploiting to access networks, said the US Cybersecurity and Infrastructure Security Agency (CISA), which issued the directive.

The new CISA directive is an attempt to break the US government from a cycle of having to clean up from one big hack after another and instead keep key systems that hackers are trying to breach updated. Left unaddressed, software bugs can linger in systems for years and offer a path for spies and criminal groups to siphon off data.

The Wall Street Journal was first to report on the new CISA directive.

While timely updates of software vulnerabilities alone are not enough to blunt the impact of advanced hacking operations, the Biden administration is hoping a multi-pronged approach will. CISA, which is part of the Department of Homeland Security, is investing millions of dollars in better security technologies and methods to more quickly detect hacks, officials say.

“Every day, our adversaries are using known vulnerabilities to target federal agencies,” CISA Director Jen Easterly said in a statement on Wednesday. “As the operational lead for federal cybersecurity, we are using our directive authority to drive cybersecurity efforts toward mitigation of those specific vulnerabilities that we know to be actively used by malicious cyber actors.”

The White House has made cybersecurity a top national and economic security issue, particularly after the May ransomware attack on computers at Colonial Pipeline, the main artery for delivering fuel to the East Coast. Colonial Pipeline was forced to shut down for days, causing long lines at gas stations in multiple states.

President Joe Biden in June called on Russian President Vladimir Putin to rein in the criminal hackers operating from Russian soil that experts believe are responsible for the damaging ransomware incidents at Colonial Pipeline and elsewhere.

Some Russian-speaking criminal groups have gone quiet since the Biden-Putin meeting, while others have continued to hold US companies for ransom.

The White House has also sought to rally allies to crack down on the sources of funding for ransomware gangs. The National Security Council last month hosted an initial 30-country meeting where governments said they would do more to strengthen network defenses against the threat. A follow-up meeting with 35 countries was held Tuesday and covered efforts to “accelerate cooperation to counter ransomware,” according to a White House statement.

™ & © 2021 Cable News Network, Inc., a WarnerMedia Company. All rights reserved.

We want to hear from you.

Have a story idea or tip? Send it to the KSL NewsRadio team here.

Today’s Top Stories

All News

Shots were reportedly fired in the parking lot of Taylorsville High School on Thursday afternoon, l...

Teen arrested for firing shots in Taylorsville High parking lot

A 17-year-old boy has been arrested in connection to the shots fired last week in the parking lot of Taylorsville High School.
15 hours ago
humane society...
Elizabeth Weiler

Humane Society of Utah says to adopters “come one, come all”

The Humane Society of Utah says their shelters are filling up, especially with large breed dogs and puppies.
15 hours ago
amber alert...
Adam Small

Suspect in Layton Amber Alert charged

LAYTON, Utah– Prosecutors in Davis County have officially filed charges against a man suspected of kidnapping a 13-year-old boy, which prompted police to send out an Amber Alert in December. New charging documents allege Aaron Michael Zeman, 26, also known as Tadashi Kojima, had been communicating with the 13-year-old Layton boy as far back as […]
15 hours ago
Tyre Nichols...
Elizabeth Weiler

MLK invoked as Tyre Nichols’ life is celebrated in Memphis

(CNN) — Mourners, from Vice President Kamala Harris to the activist the Rev. Al Sharpton, on Wednesday celebrated the life of Tyre Nichols, whose death at the hands of police in Memphis led to second-degree murder charges against five officers. “Mothers around the world, when their babies are born, pray to God when they hold […]
15 hours ago
The Federal Reserve unanimously approved a quarter-point interest rate hike Wednesday, slowing the ...
Nicole Goodkind, CNN

Fed approves small rate hike, nodding to improved inflation outlook

The decision comes after months of large rate increases intended to cool the economy and marks a return to a more traditional interest-rate policy.
15 hours ago
A group of high school students stand on a basketball court during a free throw. (Amanda Dickson/KS...
Amanda Dickson

Opinion: Is sportsmanship dead in high school basketball?

After a weekend basketball game, it's clear some of our students have a lot of learn when it comes to civility and sportsmanship.
15 hours ago

Sponsored Articles

Banner with Cervical Cancer Awareness Realistic Ribbon...
Intermountain Health

Five Common Causes of Cervical Cancer – and What You Can Do to Lower Your Risk

January is National Cervical Cancer Awareness month and cancer experts at Intermountain Health are working to educate women about cervical cancer, the tests that can warn women about potential cancer, and the importance of vaccination.
Kid holding a cisco fish at winterfest...
Bear Lake Convention and Visitors Bureau

Get Ready for Fun at the 2023 Bear Lake Monster Winterfest

The Bear Lake Monster Winterfest is an annual weekend event jam-packed full of fun activities the whole family can enjoy. This year the event will be held from January 27-29 at the Utah Bear Lake State Park Marina and Sunrise Resort and Event Center in Garden City, Utah. 
happy friends with sparklers at christmas dinner...

15 Easy Christmas Dinner Ideas

We’ve scoured the web for you and narrowed down a few of our favorite Christmas dinner ideas to make your planning easy. Choose from the dishes we’ve highlighted to plan your meal or start brainstorming your own meal plan a couple of weeks before to make sure you have time to shop and prepare.
Spicy Homemade Loaded Taters Tots...

5 Game Day Snacks for the Whole Family (with recipes!)

Try these game day snacks to make watching football at home with your family feel like a special occasion. 
Happy joyful smiling casual satisfied woman learning and communicates in sign language online using...

The Best Tools for Deaf and Hard-of-Hearing Workplace Success

Here are some of the best resources to make your workplace work better for Deaf and hard-of-hearing employees.
Team supporters celebrating at a tailgate party...

8 Delicious Tailgate Foods That Require Zero Prep Work

In a hurry? These 8 tailgate foods take zero prep work, so you can fuel up and get back to what matters most: getting hyped for your favorite
US cyber officials issue sweeping directive requiring federal agencies to update systems vulnerable to hacking