ALL NEWS

US cyber officials issue sweeping directive requiring federal agencies to update systems vulnerable to hacking

Nov 3, 2021, 12:22 PM | Updated: 12:24 pm
US officials issued a sweeping directive on November 3 requiring federal civilian agencies to promp...
US officials issued a sweeping directive on November 3 requiring federal civilian agencies to promptly update hardware and software that is vulnerable to hacking following multiple breaches of government networks in recent years. Mandatory Credit: Shutterstock via CNN

    (CNN) — US officials issued a sweeping directive on Wednesday requiring federal civilian agencies to promptly update hardware and software that is vulnerable to hacking following multiple breaches of government networks in recent years.

The directive gives agencies just two weeks to remediate newly discovered software vulnerabilities, and requires agencies to have a process in place for mitigating the impact of those security issues. The directive does not apply to the Pentagon, which is in charge of its own networks.

The new policy comes after multiple warnings from US cybersecurity officials and outside experts that federal defenses have not kept pace with attempts by cybercriminals and state-sponsored hackers to access sensitive federal information. Alleged Russian hackers were able to go undetected for months last year in the unclassified networks of agencies such as the Justice Department before a private firm discovered the intrusions.

The directive sends a “clear message to all organizations across the country” to address vulnerabilities that hackers are actively exploiting to access networks, said the US Cybersecurity and Infrastructure Security Agency (CISA), which issued the directive.

The new CISA directive is an attempt to break the US government from a cycle of having to clean up from one big hack after another and instead keep key systems that hackers are trying to breach updated. Left unaddressed, software bugs can linger in systems for years and offer a path for spies and criminal groups to siphon off data.

The Wall Street Journal was first to report on the new CISA directive.

While timely updates of software vulnerabilities alone are not enough to blunt the impact of advanced hacking operations, the Biden administration is hoping a multi-pronged approach will. CISA, which is part of the Department of Homeland Security, is investing millions of dollars in better security technologies and methods to more quickly detect hacks, officials say.

“Every day, our adversaries are using known vulnerabilities to target federal agencies,” CISA Director Jen Easterly said in a statement on Wednesday. “As the operational lead for federal cybersecurity, we are using our directive authority to drive cybersecurity efforts toward mitigation of those specific vulnerabilities that we know to be actively used by malicious cyber actors.”

The White House has made cybersecurity a top national and economic security issue, particularly after the May ransomware attack on computers at Colonial Pipeline, the main artery for delivering fuel to the East Coast. Colonial Pipeline was forced to shut down for days, causing long lines at gas stations in multiple states.

President Joe Biden in June called on Russian President Vladimir Putin to rein in the criminal hackers operating from Russian soil that experts believe are responsible for the damaging ransomware incidents at Colonial Pipeline and elsewhere.

Some Russian-speaking criminal groups have gone quiet since the Biden-Putin meeting, while others have continued to hold US companies for ransom.

The White House has also sought to rally allies to crack down on the sources of funding for ransomware gangs. The National Security Council last month hosted an initial 30-country meeting where governments said they would do more to strengthen network defenses against the threat. A follow-up meeting with 35 countries was held Tuesday and covered efforts to “accelerate cooperation to counter ransomware,” according to a White House statement.

The-CNN-Wire
™ & © 2021 Cable News Network, Inc., a WarnerMedia Company. All rights reserved.

Today’s Top Stories

All News

Tanner Holt used a swather to cut "Will you marry me?" into a large hayfield at his family's ranch ...
Amanda Dickson

Only 1 in 8 Americans believe in marriage, Utah bucks the trend

Marriage rates decline for most of the U.S. however, Utah's rates remain high. Marriage among younger generations is less popular.
13 hours ago
environmental planner Eagle Mountain...
Martha Harris

New environmental planner will help Eagle Mountain grow responsibly

The Eagle Mountain environmental planner will help the city consider its impact on local wildlife as it expands.
13 hours ago
A 2020 photo of Thomas Lane, the former Minneapolis police officer pleaded guilty Wednesday, May 18...
AMY FORLITI, STEVE KARNOWSKI and MOHAMED IBRAHIM

Ex-cop pleads guilty to manslaughter in George Floyd killing

Floyd, 46, died May 25, 2020, after Derek Chauvin pinned him to the ground with a knee on his neck. Lane helped to restrain Floyd.
13 hours ago
Provo Orem 911 dispatch...
Martha Harris

Provo and Orem may combine their 911 dispatch centers

Provo Fire Chief James Miguel told the Provo City Council that having separate dispatch centers for the two cities delays response times.
13 hours ago
United States' Megan Rapinoe holds the trophy celebrating at the end of the Women's World Cup final...
ANNE M. PETERSON and RONALD BLUM

US Soccer equalizes pay in milestone with women, men

The U.S. Soccer Federation reached milestone agreements to pay its men’s and women’s teams equally, making the American national governing body the first in the sport to promise both sexes matching money.
13 hours ago
Hands holding two small viles of vaccine....
LAURAN NEERGAARD AP Medical Writer

FDA clears COVID booster shot for healthy kids ages 5 to 11

Pfizer's shot is the only COVID-19 vaccine available for children of any age in the U.S. Those ages 5 to 11 receive one-third of the dose given to everyone 12 and older. Pfizer found a booster revved up those kids' levels of virus-fighting antibodies -- including those able to fight omicron -- the same kind of jump adults get from an extra shot.
2 days ago

Sponsored Articles

Curb Appeal...
Price's Guaranteed Doors

How to have the best of both worlds for your house | Home security and curb appeal

Protect your home and improve its curb appeal with the latest security solutions like beautiful garage doors and increased security systems.
Prescription opioids can be disposed of during National Prescription Take Back Day...
Know Your Script

Prescription opioid misuse | How to protect your family from the opioid epidemic

Studies have shown that prescription opioid misuse has increased since COVID-19. So what do you need to know about these opioids?
...

Tax Tuesday: The Most Common Mistakes People Make When Filing Their Taxes

Fortunately, for most average earners, they will not end up owing overpayments received for the Child Tax Credit in 2021.
...

Tax Tuesday: How will last year’s child tax credits affect you?

Fortunately, for most average earners, they will not end up owing overpayments received for the Child Tax Credit in 2021.
...

Tax Tuesday: Key Information Before the Filing Deadline

Businesses can receive a credit of up to $5,000 per employee in 2020 and up to $21,000 per employee in 2021.
national heart month...
Intermountain Healthcare

National Heart Month: 5 Lifestyle Changes to Make Today to Keep You Heart Healthy

Heart disease is the leading cause of death for both men and women. One person dies every 36 seconds in the United States from cardiovascular disease
US cyber officials issue sweeping directive requiring federal agencies to update systems vulnerable to hacking