Defense
DOD would curtail long-term intelligence work during government shutdown
Routine spying activities conducted by NSA, the National Geospatial-Intelligence Agency and others would continue, but some forward-looking intelligence planning would be halted, a department document shows.
Cybersecurity
Shutdown could erode cyber defenses by sidelining critical staff, experts warn
A government shutdown would also occur in parallel with the lapse of a critical cyber information-sharing law that could create legal liabilities for companies who send threat data to feds.
Exclusive
Cybersecurity
‘Widespread’ breach let hackers steal employee data from FEMA and CBP
A Citrix vulnerability — suspected to have led to firings of multiple FEMA technology staff — enabled the breach, which let hackers pilfer data from FEMA servers connected to states at the southern border.
Cybersecurity
Vital cyber data-sharing law appears likely to expire amid looming government shutdown
Law firms are advising clients to prepare for this possibility, although the extent of information sharing that will cease if the law lapses remains unclear.
Cybersecurity
CISA issues emergency patching directive for Cisco devices on federal networks
An emerging cyber threat group is exploiting vulnerabilities in Cisco devices, both the company and CISA said. The hackers have potential links to China, according to an analysis put out last year.
People
Over 100 cyber professionals call for quick Kirsten Davies confirmation as DOD CIO
Davies was nominated in May and is scheduled to testify on Thursday.
Cybersecurity
CISA wants more international involvement in cyber vulnerability catalog, official says
Nick Andersen, the agency’s assistant executive director for cybersecurity, says the CVE project would benefit from a "more holistic look" with international partners.
Cybersecurity
House funding extension tacks on two-month reprieve for key cybersecurity laws
The short-term measure gives lawmakers extra time to iron out differences between House and Senate versions of the renewal.
Cybersecurity
Senators call for election security briefing as major races draw closer
“We are concerned that you may have directed the Intelligence Community (IC) to cease its intelligence reporting on this vital topic,” the senators wrote to the director of national intelligence in a Monday letter.
Cybersecurity
CISA ready to accept any extension for key cyber info-sharing law, official says
“Give us two years. Give us ten years. Give us 50. Whatever you take, we’ll take it,” CISA’s Nick Andersen said of the soon-to-expire 2015 Cybersecurity Information Sharing Act.
Cybersecurity
CISA weighs ‘alternative funding sources’ to preserve cyber vulnerability-tracking project
The Common Vulnerabilities and Exposures Program almost lapsed in April, according to MITRE, a key funder.
People
Federal deputy CIO leaving government for private sector role
OMB did not respond to a request for comment about who will replace Drew Myklegard at the agency.
Cybersecurity
US can focus on both offensive and defensive cyber, top NSC official says
Offensive measures are “an important tool of the toolbox that we’ll be unafraid to use,” Alexei Bulazel said. “But that’s not to say we don’t need to do normal blocking-and-tackling cyber defense.”
Cybersecurity
White House cyber office calls for ‘whole of nation’ effort to deter nation-state hackers
Newly-confirmed ONCD director Sean Cairncross wants to work with the private sector to develop a toolkit for stopping foreign hackers and boosting U.S. cyberdefenses.
Exclusive
Cybersecurity
Suspected Chinese operation aims to recruit former feds with job postings, research shows
Researchers at the Foundation for Defense of Democracies uncovered a network of likely fraudulent China-linked websites operating as far back as 2021. One has very recently tried to recruit former federal workers and policy experts.
Cybersecurity
FEMA begins security overhauls following cyber incident and employee firings
The agency recently blocked users from accessing multiple websites and made password changes to an internet security tool in efforts to shore up its cyber posture, people familiar say.
Cybersecurity
House panel advances bill to extend bedrock cyber info-sharing law
Some Republicans want to ensure there’s language that would prevent the nation’s core cyberdefense agency from engaging in alleged “censorship” of Americans’ free speech.
People
Nick Andersen onboards into top CISA cyber position
Andersen has served in both public and private roles, and he held top cybersecurity positions in the Department of Energy in Donald Trump’s first term.
People
Noem terminates 24 FEMA workers for failing to address cyber vulnerabilities
An internal FEMA email obtained by Nextgov/FCW ordered all agency employees to change their passwords “due to recent cybersecurity incidents and threats.”
People