ALL U.S. Federal Agencies Need To Patch More Than 300 Security Bugs, Even Those From 2014

AS STATED IN A NEW DIRECTIVE, all U.S. federal agencies are currently pressured by the Biden Administration, requiring them to patch hundreds of security bugs.

ALL U.S. Federal Agencies Need To Patch More Than 300 Security Bugs, Even Those From 2014
A participant uses a laptop computer as he takes part in the Seccon 2016 final competition on January 28, 2017 in Tokyo, Japan. 24 teams from Japan, the US, China, Taiwan, South Korea, Russia, Poland, Switzerland and France competed their skills for cyber securities at the final round of the international cyber security contest in Tokyo. Photo by Tomohiro Ohsumi/Getty Images

As of the moment, the United States and other parts of the globe are being targeted by different hacking groups. Most of these malicious actors pose international security threats, which could definitely affect various companies and government agencies.

Now, the current U.S. President Joe Biden wants all federal agencies to make efforts so that the security vulnerabilities in their systems would be fixed as soon as possible.

CISA (Cybersecurity and Infrastructure Security Agency) issued the new binding operational directive on Wednesday, Nov. 3. This allows all federal agencies in the country to patch more than 300 security bugs within six months.

However, the latest directive also forces them to fix the latest security flaws in just two weeks. Will this be a problem?

ALL U.S. Federal Agencies Must Fix Security Bugs

According to Tech Crunch's latest report, CISA's new operational directive orders federal organizations in the United States to fix the current vulnerabilities, even those security bugs dating back to 2014 and 2015.

ALL U.S. Federal Agencies Need To Patch More Than 300 Security Bugs, Even Those From 2014
Democratic presidential candidate former U.S. Vice President Joe Biden pauses as he speaks during the AARP and The Des Moines Register Iowa Presidential Candidate Forum at Drake University on July 15, 2019 in Des Moines, Iowa. Twenty Democratic presidential candidates are participating in the forums that will feature four candidate per forum, to be held in cities across Iowa over five days. Photo by Justin Sullivan/Getty Images

"The Directive lays out clear requirements for federal civilian agencies to take immediate action to improve their vulnerability management practices and dramatically reduce their exposure to cyberattacks," said Jen Easterly, the CISA Director.

However, various cybersecurity experts and the U.S. government's watchdog, The Office of Management and Budget (OMB), believe that federal agencies would have a hard time fixing these security flaws.

OMB added that most of these government organizations are still struggling when it comes to cybersecurity basics. But, this would still depend on the efforts they will make. They still have six months to patch the old and new vulnerabilities in their systems.

Worst Hardware Security Flaws This 2021

Right now, hardware and software vulnerabilities are serious security threats since hackers can take advantage of them to attack the government and businesses and companies.

Recently, we reported that the FBI warned companies about their financial activities since these could trigger malicious activities. On the other hand, Microsoft also issued a warning about a new password spraying.

Now, MITRE, together with CISA, published a new report about the worst hardware security vulnerabilities. ZDNet provided a full list. But, you can check some of them below:

  • CWE-1231 Improper Prevention of Lock Bit Modification
  • CWE-1233 Security-Sensitive Hardware Controls with Missing Lock Bit Protection
  • CWE-1189 Improper Isolation of Shared Resources on System-on-a-Chip (SoC)
  • CWE-1191 On-Chip Debug and Test Interface With Improper Access Control

For more news updates about other security threats across the world, always keep your tabs open here at TechTimes.

This article is owned by TechTimes

Written by: Griffin Davis

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics