White House Orders Federal Agencies To Shore Up Cybersecurity, Warns of Potential Exposure

The White House ordered federal agencies to shore up their cybersecurity after agencies have lagged in implementing a key executive order President Joe Biden issued in 2021. From a report: Multiple federal departments and agencies have, as of the end of June, "failed to fully comply" with critical security practices prescribed by the executive order, "leaving the U.S. Government exposed to malicious cyber intrusions and undermining the example the Government must set for adequate cybersecurity practices," national security adviser Jake Sullivan said in a memo to Cabinet secretaries this week.

Sullivan asked senior officials from across the departments to ensure they achieve "full compliance" with the executive order's security requirements by the end of the year. His memo is addressed to agencies outside of the Pentagon. "This morning the National Security Advisor shared a memo with federal departments and agencies to ensure their cyber infrastructure is compliant with the President's Executive Order to improve the nation's cybersecurity," a National Security Council spokesperson told CNN. "As we've said, the Biden-Harris Administration has had a relentless focus on strengthening the cybersecurity of nation's most critical sectors since day one, and will continue to work to secure our cyber defenses."

Welcome to 2012 public sector

[nevermindme]

The public sector is running about 11 years behind the typical enterprise customer, I had it at 15 years behind in 2015, but Windows2003 became unusable. What is favorable for them is that they are no worse than the rest of Azure on the items they outsourced, and you becha they outsourced a ton of sub departments of bullshit to Azure based processes. At least IIS/DOTNET and Java5-6 went unsupportable for most of the goverment sites about 3 years ago, but many remain instances in critical spots on the G to B interfaces.

I cannot imagine the holes in the services at the weather service, the FAA and department of interior that have interfaces that have remained unchanged in 20+ years. Luckily most are something that easily can be placed behind a WAF and reasonable amount of protection. Nothing that would pass a Fed Audit, but enough to protect brandon from simple hacks.

The economic damage of stopping filing of flight plans via API is something like 20 billion dollars a day based on current reporting. Shutting down the weather service for a week might not be direct damage, but the confidence in the government damage would be tough to press release around.

Re:No surprise

[gtall]

Diversity hiring has nothing to do with it. Reagan had everything to do with it. He campaigned on "Government is the problem." So when he got in, he decided to farm out a lot of gov. functions to the private sector. They were only more than happy to take the money and not perform. Reagan made it guaranteed to not work because he had infused government agencies with the idea that cutting "regulations" was somehow a conservative dream. Roll the tape forward a few decades and we got Great Recession as a result.

We also get the crap that somehow it is in keeping with one's religious beliefs to discriminate. All you need do is cherry pick the Bible, take shit out of context, and then plop it in front of the right dingbat judge.

Re:

[Fortnite_Beast]

I was following along really well until you branched off to anti-religion bigotry. Be better.

Re:

[NotEmmanuelGoldstein]

... take shit out of context ...

That might be what you're doing: If it's a recent SCotUS decision you're thinking of. That panel overturned Roe v. Wade because SCotUS can't make federal government responsible for holes in the law. If federal law doesn't exist, then the states have authority to do as they please. In that case, the voters and the state's courts have decided that religion-driven laws are not allowed to impede a person's reproductive health.

There's no law demanding Moms for Liberty (and other quasi-religious parenting g

can't have that

[avandesande]

Imagine the public finding out what the government has been up to in an election year.

Oh? Now?

[iluvcrap2000]

Idiocy. They should have consistently upgrading their security over the years, not just wait till someone says "Hey we should INCREASE Our security"? Dummies.

We should be safe.

[will_die]

With Harris on this she will do as great as a job as she has done being the lead in dealing with the border issues.

Federal pay sucks

[laughingskeptic]

The Federal Salary Council reported in 2022 that federal workers earned more than 24 percent less than private sector counterparts. This is across all pay-grades. It is far worse for technical employees and most of these people live in the high-cost-of-living DC area for which they get more pay, but not nearly enough more. Look at some of the CIOs in some of the lesser orgs. They may have graduated from college 10 years ago and worked their way up from help desk.

*** SPAM ALERT *** SPAM ALERT *** SPAM ALERT ***

[NotEmmanuelGoldstein]

The OP is spam.

It's to be expected.

[Random361]

U.S. Government Cybersecurity: More Vulnerable than a Dial-up Modem in a 'Hackers' Movie Marathon"

In a shocking revelation that makes the plot of the 90s cult classic "Hackers" seem like a prophetic documentary, it appears the American government's cybersecurity is about as robust as a floppy disk in a microwave.

According to the latest report from the Department of Ineffectual Software (DIS), the government's cybersecurity measures are so outdated, they make the movie's depiction of hacking – which famously included surfing through neon-lit, 3D representations of data – look like cutting-edge cyber warfare.

The report cited numerous instances of laughably poor security, including one case where the password to a critical defense system was "password123." It's as if the nation's cyber-gatekeepers are merely inviting any 14-year-old with a Guy Fawkes mask and a pirated copy of "Hackers" to have a go at the nation's most sensitive data.

"There's a scene in 'Hackers' where they break into a TV network by guessing the password is 'God,'" said DIS spokesperson, Ima S. Soft. "Honestly, our systems would be lucky to have security that good."

In a comparison that has caused a stir in the DIS's public relation department, one anonymous staffer likened the government's cybersecurity to engaging in unprotected relations with a partner of positive HIV status. "It's like we're bending over and begging for a devastating cyber attack," the source said. "It's like the last several administrators have all dropped the soap in the shower and are now trying to steady themselves on the towel rack while China, Russia, Iran, and North Korea all penetrate. At the same time."

The report has sent shockwaves through the government, with many officials now realizing that their cybersecurity is less "Mission Impossible" and more "Hackers on a caffeine-fueled all-nighter."

The government has pledged to address the issue, with plans to update their systems from Windows '95 and to stop using their birthdates and pet's names as passwords. However, given the government's track record, many fear that the end result will be closer to the ridiculous visual hacking scenes from "Hackers" than actual, effective cybersecurity. "Remember that John Podesta's email password was actually 'password'. You can't make this shit up."

As the nation braces for the inevitable, one thing is clear: the government's cybersecurity is about as secure as a hacker's laptop at a 90s rave.