Earlier we mentioned how OPM (Office of Personal Mangement) in the US found they had been hacked with thousands of records accessed, including those relating to background checks for security clearances, something which if true leaves their employees open to blackmail and a whole host of actions that are unpleasant and unwanted by the government.
The White House has now taken action, directing all agencies to take a series of steps in order to prevent and detect any unwanted access into their networks. Tony Scott, U.S. Chief Information Officer, has launched what is being called a 30-day cyber security sprint.
The emergency measures listed include:
- patching “critical-level” software holes “without delay”
- Tightening security and access restrictions for “privileged users”, this includes cutting the number of users with this level of access and to monitor their access to the systems for suspicious behavior
- Increase level of two-factor authentication, where a user is asked to confirm their login attempt, normally by receiving a text or phone call with a code in it
According to the released information, agencies have to report on their progress and problems implementing these steps within the next 30 days. With a “Cybersecurity Sprint Team” task force being deployed to lead the month long view and analysis of the US’s digital defenses, many organizations could find their technology changing.
While the actions are greatly appreciated, if the documents have been copied or accessed, a lot of personal information has been released to people who may use it for harm. Here’s hoping they don’t and that the government has stepped up their security because of this revelation.
Thank you NextGov for the information.
Image courtesy of NMINews.