DHS Issues Emergency Cyber Directive

The Department of Homeland Security (DHS) is warning agencies of a potential cyber-attack. In an emergency directive issued last week, the DHS directed agencies to take four steps in the next ten days to protect domain name security (DNS) systems from being vulnerable to hijacking.

In early January, a wave of domain hijacking attacks targeted organizations and companies to steal login information.

Fire Eye, a company specializing in detecting and preventing cyber-attacks, explained in a report issued earlier this month, “A large number of organizations has been affected by this pattern of DNS record manipulation and fraudulent SSL certificates. They include telecoms and ISP[s], government and sensitive commercial entities.”

Fire Eye researchers reported with moderate confidence that the attackers were based in Iran.

While this was occurring, the DHS lacked appropriations and was subject to a partial government shutdown. This meant 43 percent of the Cybersecurity and Infrastructure Security Agency (CISA), an agency created late last year to combat cyber threats, was furloughed.

In a blog post, Chris Krebs, director of CISA, explained, “Malicious actors obtained access to accounts that controlled DNS records and made them resolve to their own infrastructure before relaying it to the real address. Because they could control an organization’s DNS, they could obtain legitimate digital certificates and decrypt the data they intercepted – all while everything looked normal to users.”

On January 22, the DHS released their emergency directive to “address the significant and imminent risks to agency information and information systems.”

The directive called for all federal agencies to (1) audit their DNS records, (2) change all DNS account passwords, (3) add multi-factor authentication to all DNS accounts, and (4) monitor Certificate Transparency logs for any unauthorized requests.

The directive calls for these steps to be completed within 10 days and for agencies to provide CISA with a status report and completion report.

Posted in Featured News


This Week on FEDtalk

Fellows Moving Government Forward

Tune in to FEDtalk this week to hear about the fellowships bringing innovation and technology skills to government. Guests from fellowships impacting the legislative and executive branches will discuss how they bring new skills to government.

Read more ...

Hear it from FLEOA

FLEOA Successfully Advocates for Change to Michigan LEOSA Policy

On Tuesday, FLEOA President Larry Cosme issued a letter on Michigan LEOSA policy.  The full text of the statement is below.

Read more ...


The free weekly e-report for Federal Law Enforcement

Get in touch with us

Email FEDagent publisher

Copyright 2020 FEDagent.com
Hosted by Peak Media Company, LLC