Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Security United States

White House Orders Federal Agencies To Shore Up Cybersecurity, Warns of Potential Exposure (cnn.com) 15

The White House ordered federal agencies to shore up their cybersecurity after agencies have lagged in implementing a key executive order President Joe Biden issued in 2021. From a report: Multiple federal departments and agencies have, as of the end of June, "failed to fully comply" with critical security practices prescribed by the executive order, "leaving the U.S. Government exposed to malicious cyber intrusions and undermining the example the Government must set for adequate cybersecurity practices," national security adviser Jake Sullivan said in a memo to Cabinet secretaries this week.

Sullivan asked senior officials from across the departments to ensure they achieve "full compliance" with the executive order's security requirements by the end of the year. His memo is addressed to agencies outside of the Pentagon. "This morning the National Security Advisor shared a memo with federal departments and agencies to ensure their cyber infrastructure is compliant with the President's Executive Order to improve the nation's cybersecurity," a National Security Council spokesperson told CNN. "As we've said, the Biden-Harris Administration has had a relentless focus on strengthening the cybersecurity of nation's most critical sectors since day one, and will continue to work to secure our cyber defenses."

This discussion has been archived. No new comments can be posted.

White House Orders Federal Agencies To Shore Up Cybersecurity, Warns of Potential Exposure

Comments Filter:
  • by nevermindme ( 912672 ) on Thursday August 17, 2023 @03:45PM (#63775604)
    The public sector is running about 11 years behind the typical enterprise customer, I had it at 15 years behind in 2015, but Windows2003 became unusable. What is favorable for them is that they are no worse than the rest of Azure on the items they outsourced, and you becha they outsourced a ton of sub departments of bullshit to Azure based processes. At least IIS/DOTNET and Java5-6 went unsupportable for most of the goverment sites about 3 years ago, but many remain instances in critical spots on the G to B interfaces.

    I cannot imagine the holes in the services at the weather service, the FAA and department of interior that have interfaces that have remained unchanged in 20+ years. Luckily most are something that easily can be placed behind a WAF and reasonable amount of protection. Nothing that would pass a Fed Audit, but enough to protect brandon from simple hacks.

    The economic damage of stopping filing of flight plans via API is something like 20 billion dollars a day based on current reporting. Shutting down the weather service for a week might not be direct damage, but the confidence in the government damage would be tough to press release around.
  • Imagine the public finding out what the government has been up to in an election year.
  • Idiocy. They should have consistently upgrading their security over the years, not just wait till someone says "Hey we should INCREASE Our security"? Dummies.
  • With Harris on this she will do as great as a job as she has done being the lead in dealing with the border issues.
  • The Federal Salary Council reported in 2022 that federal workers earned more than 24 percent less than private sector counterparts. This is across all pay-grades. It is far worse for technical employees and most of these people live in the high-cost-of-living DC area for which they get more pay, but not nearly enough more. Look at some of the CIOs in some of the lesser orgs. They may have graduated from college 10 years ago and worked their way up from help desk.
  • by Random361 ( 6742804 ) on Friday August 18, 2023 @01:01AM (#63776780)

    U.S. Government Cybersecurity: More Vulnerable than a Dial-up Modem in a 'Hackers' Movie Marathon"

    In a shocking revelation that makes the plot of the 90s cult classic "Hackers" seem like a prophetic documentary, it appears the American government's cybersecurity is about as robust as a floppy disk in a microwave.

    According to the latest report from the Department of Ineffectual Software (DIS), the government's cybersecurity measures are so outdated, they make the movie's depiction of hacking – which famously included surfing through neon-lit, 3D representations of data – look like cutting-edge cyber warfare.

    The report cited numerous instances of laughably poor security, including one case where the password to a critical defense system was "password123." It's as if the nation's cyber-gatekeepers are merely inviting any 14-year-old with a Guy Fawkes mask and a pirated copy of "Hackers" to have a go at the nation's most sensitive data.

    "There's a scene in 'Hackers' where they break into a TV network by guessing the password is 'God,'" said DIS spokesperson, Ima S. Soft. "Honestly, our systems would be lucky to have security that good."

    In a comparison that has caused a stir in the DIS's public relation department, one anonymous staffer likened the government's cybersecurity to engaging in unprotected relations with a partner of positive HIV status. "It's like we're bending over and begging for a devastating cyber attack," the source said. "It's like the last several administrators have all dropped the soap in the shower and are now trying to steady themselves on the towel rack while China, Russia, Iran, and North Korea all penetrate. At the same time."

    The report has sent shockwaves through the government, with many officials now realizing that their cybersecurity is less "Mission Impossible" and more "Hackers on a caffeine-fueled all-nighter."

    The government has pledged to address the issue, with plans to update their systems from Windows '95 and to stop using their birthdates and pet's names as passwords. However, given the government's track record, many fear that the end result will be closer to the ridiculous visual hacking scenes from "Hackers" than actual, effective cybersecurity. "Remember that John Podesta's email password was actually 'password'. You can't make this shit up."

    As the nation braces for the inevitable, one thing is clear: the government's cybersecurity is about as secure as a hacker's laptop at a 90s rave.

% APL is a natural extension of assembler language programming; ...and is best for educational purposes. -- A. Perlis

Working...