The Hacks

DOE Watchdog Detailed Its Cybersecurity State Amid SolarWinds Hack

The department continues to struggle with many of the issues the Cybersecurity and Infrastructure Security Agency identified after widespread intrusions into the public and private sector. 

CISA Orders Agencies to Conduct Fresh Scans of Microsoft Exchange Servers

The agency issued supplemental guidance requiring new tests with Microsoft-provided tools and measures to harden the attractive target.

Director Says NSA’s Domestic Surveillance Authority ‘Rightly’ Limited

Gen. Paul Nakasone, who oversees both the intelligence agency and U.S. Cyber Command, stressed the need for greater visibility through private-sector information streams.

New Software Vendor Standards Coming Within Weeks, CISA Head Says 

The White House is leading an interagency effort focused on software development that will determine federal procurement of information technology.

CISA Will Use New Authority Over Internet Service Providers to Fight Ransomware, Official Says

Acting CISA Director Brandon Wales praised the government’s coordination absent a national cyber director.

CISA, FBI Officials Say Federal Payroll Facility Was Not Targeted in Hacking Campaigns

CISA’s acting director identified ways the government is working to improve information sharing about cybersecurity incidents between agencies.

White House Is Developing a Plan to Secure Industrial Control Systems

An upcoming executive order in response to the hacking campaign that involved SolarWinds will include standards to improve software transparency.

CISA Official Calls for Update of Identity Management Guidance in Wake of SolarWinds Compromise

"Identity is everything now," a technical strategist told NIST advisers in a briefing on the hacking campaign.

Lawmaker SolarWinds Concerns Spill Over in Week of Defense Hearings

In multiple hearings, lawmakers sought solutions to pressing technology-based security issues.

Remote Work and Hack Mitigation Show Need for IT Modernization Funding, Lawmaker Says

Rep. Ro Khanna detailed efforts to ensure agencies have resources for legally mandated updates.

NSA Pushes Zero Trust Principles to Help Prevent Sophisticated Hacks

Operating under the default position that an organization has been compromised is a pain that’s worth it, the agency said.

Hearing on Hack Prompts Call for Review of Government’s Cloud Procurement

A key lawmaker highlighted a profit motive for “basic” cybersecurity as problematic following an exchange with Microsoft President Brad Smith.

Hackers Seized on the Pandemic. Some States Are Fighting Back.

Cyberattackers have forced states to take down websites, stolen $36 billion in unemployment payments and exposed millions of residents’ personal information to scammers.

Hacking Campaign Fuels Calls for Information Sharing Mandate

Senators weigh potential protections from liability for incident reports amid concerns about cyber hygiene.