ALL NEWS

US cyber officials issue sweeping directive requiring federal agencies to update systems vulnerable to hacking

Nov 3, 2021, 12:22 PM | Updated: 12:24 pm
US officials issued a sweeping directive on November 3 requiring federal civilian agencies to promp...
US officials issued a sweeping directive on November 3 requiring federal civilian agencies to promptly update hardware and software that is vulnerable to hacking following multiple breaches of government networks in recent years. Mandatory Credit: Shutterstock via CNN

    (CNN) — US officials issued a sweeping directive on Wednesday requiring federal civilian agencies to promptly update hardware and software that is vulnerable to hacking following multiple breaches of government networks in recent years.

The directive gives agencies just two weeks to remediate newly discovered software vulnerabilities, and requires agencies to have a process in place for mitigating the impact of those security issues. The directive does not apply to the Pentagon, which is in charge of its own networks.

The new policy comes after multiple warnings from US cybersecurity officials and outside experts that federal defenses have not kept pace with attempts by cybercriminals and state-sponsored hackers to access sensitive federal information. Alleged Russian hackers were able to go undetected for months last year in the unclassified networks of agencies such as the Justice Department before a private firm discovered the intrusions.

The directive sends a “clear message to all organizations across the country” to address vulnerabilities that hackers are actively exploiting to access networks, said the US Cybersecurity and Infrastructure Security Agency (CISA), which issued the directive.

The new CISA directive is an attempt to break the US government from a cycle of having to clean up from one big hack after another and instead keep key systems that hackers are trying to breach updated. Left unaddressed, software bugs can linger in systems for years and offer a path for spies and criminal groups to siphon off data.

The Wall Street Journal was first to report on the new CISA directive.

While timely updates of software vulnerabilities alone are not enough to blunt the impact of advanced hacking operations, the Biden administration is hoping a multi-pronged approach will. CISA, which is part of the Department of Homeland Security, is investing millions of dollars in better security technologies and methods to more quickly detect hacks, officials say.

“Every day, our adversaries are using known vulnerabilities to target federal agencies,” CISA Director Jen Easterly said in a statement on Wednesday. “As the operational lead for federal cybersecurity, we are using our directive authority to drive cybersecurity efforts toward mitigation of those specific vulnerabilities that we know to be actively used by malicious cyber actors.”

The White House has made cybersecurity a top national and economic security issue, particularly after the May ransomware attack on computers at Colonial Pipeline, the main artery for delivering fuel to the East Coast. Colonial Pipeline was forced to shut down for days, causing long lines at gas stations in multiple states.

President Joe Biden in June called on Russian President Vladimir Putin to rein in the criminal hackers operating from Russian soil that experts believe are responsible for the damaging ransomware incidents at Colonial Pipeline and elsewhere.

Some Russian-speaking criminal groups have gone quiet since the Biden-Putin meeting, while others have continued to hold US companies for ransom.

The White House has also sought to rally allies to crack down on the sources of funding for ransomware gangs. The National Security Council last month hosted an initial 30-country meeting where governments said they would do more to strengthen network defenses against the threat. A follow-up meeting with 35 countries was held Tuesday and covered efforts to “accelerate cooperation to counter ransomware,” according to a White House statement.

The-CNN-Wire
™ & © 2021 Cable News Network, Inc., a WarnerMedia Company. All rights reserved.

Today’s Top Stories

All News

An electronic sign on the campus of the University of Utah was seen displaying pornography today....
Lindsay Aerts

U of U students rally in support of Mahsa Amini, woman killed in Iran

University of Utah students protested the death of Mahsa Amini on Tuesday. Amini was recently killed by the Iran's Morality Police.
21 hours ago
Inland Port Authority Plan...
Becky Bruce

The plan to build an inland port/commerce hub is on hold

The announcement comes about a week after a state audit suggested that the Utah Inland Port Authority needs a master plan.
21 hours ago
A Teen Resource Center at Layton High School will open on Wednesday. It is the fifth such center to...
Mark Jones

Layton High’s Teen Resource Center set to open Wednesday

A Teen Resource Center will open Wednesday at Layton High School. It will be the fifth such school in the boundaries of Davis School District.
21 hours ago
Park City Fire Department helped a dog named Lola out of s small drainage culvert....
Waverly Golden

Park City Fire Department rescues Lola the dog

Park City Fire Department helped a dog named Lola out of s small drainage culvert around 9 a.m. on Sept. 27, 2022.
21 hours ago
ovarian cancer...
Simone Seikaly

A new chance for a fighting chance against ovarian cancer

What may be most alarming about ovarian cancer is that the symptoms are there, but they are quiet and can be mistaken for something else.
21 hours ago
hurricane ian florida...
Forrest Brown, CNN

Status of Florida theme parks, cruise ships and more as Ian approaches

Floridians are keeping an anxious eye on Hurricane Ian, including the operators of Florida's popular theme parks.
21 hours ago

Sponsored Articles

a worker with a drill in an orange helmet installs a door in the house...
Price's Guaranteed Doors

Home improvement tip: Increase the value of your home by weatherproofing doors

Make sure your home is comfortable before the winter! Seasonal maintenance keeps your home up to date. Read our tips on weatherproofing doors.
Curb Appeal...
Price's Guaranteed Doors

How to have the best of both worlds for your house | Home security and curb appeal

Protect your home and improve its curb appeal with the latest security solutions like beautiful garage doors and increased security systems.
A paper reading IRS, internal revenue service is pictured...
Jordan Wilcox

The best strategies for dealing with IRS tax harassment | You have options!

Learn how to deal with IRS tax harassment. This guide will teach you how to stop IRS phone calls and letters, and how to handle an IRS audit.
spend a day at Bear Lake...
Bear Lake Convention and Visitors Bureau

You’ll love spending the day at Bear Lake | How to spend a day at Bear Lake

Bear Lake is a place that needs to be experienced. Spend a day at Bear Lake.
Prescription opioids can be disposed of during National Prescription Take Back Day...
Know Your Script

Prescription opioid misuse | How to protect your family from the opioid epidemic

Studies have shown that prescription opioid misuse has increased since COVID-19. So what do you need to know about these opioids?
national heart month...
Intermountain Healthcare

National Heart Month: 5 Lifestyle Changes to Make Today to Keep You Heart Healthy

Heart disease is the leading cause of death for both men and women. One person dies every 36 seconds in the United States from cardiovascular disease
US cyber officials issue sweeping directive requiring federal agencies to update systems vulnerable to hacking