Yesterday, April 29th 2019, the US Department of Homeland Security released the contents of a new Federal Directive entitled the “Vulnerability Remediation Requirements for Internet Accessible Systems – A binding operational directive is a compulsory direction to federal, executive branch, departments and agencies for purposes of safeguarding federal information and information systems.” In it, the DHS warns all Federal agencies that they have 72 hours to diagnose the problem, and 15-30 days to patch or secure any vulnerabilities exposed in their systems/servers resulting from a cyber attack. The directive is meant to expedite cyber solutions of the future, by drastically consolidating the timeline in which it takes experts to respond and implement cyber solutions.
Most noteably contained in yesterday release was a mandate that all US Federal agencies due more to sure up their DNS systems and records, following a massive cyber security breach during the US Government shutdown of January 2019. You can read more about yesterdays release and these events via the resources provided below.
Learn More – January 2019 DNS Hijacking Campaign: https://roguemedialabs.com/2019/01/24/us-cert-dhs-releases-emergency-directive-in-response-to-widespread-infrastructure-tampering-campaign-targetting-us-executive-branch/
Web Version – DHS Directive fod-19-02: https://cyber.dhs.gov/bod/19-02/
Download Copy of Directive: https://cyber.dhs.gov/assets/report/bod-19-02.pdf