Sen. Warner wants action on WannaCry patching from DHS, OMB

Democratic Sen. Mark Warner has written to federal officials asking for details about how agencies patched their systems to protect them against the fast-spreading WannaCry ransomware. White House homeland security adviser Thomas Bossert told reporters during the daily briefing Monday that no federal systems had been infected, but Warner noted in his letter that despite a National Institute of Standards and Technology recommendation that security-related software updates “be installed within a defined timeframe (in many cases seven to 30 days for critical patches),” the Government Accountability Office last year found “numerous instances where agencies failed to comply with those deadlines.” Microsoft included a fix for the vulnerability in a regularly scheduled patch in mid-March. Over the weekend, the company took the unprecedented step of releasing a patch for several discontinued but still widely used software products, including Windows XP. In the letter, released Monday afternoon, the Virginia senator asks Homeland Security Secretary John Kelly and Office of […]

The post Sen. Warner wants action on WannaCry patching from DHS, OMB appeared first on Cyberscoop.

Continue reading Sen. Warner wants action on WannaCry patching from DHS, OMB

Sen. Warner wants action on WannaCry patching from DHS, OMB

Democratic Sen. Mark Warner has written to federal officials asking for details about how agencies patched their systems to protect them against the fast-spreading WannaCry ransomware. White House homeland security adviser Thomas Bossert told reporters during the daily briefing Monday that no federal systems had been infected, but Warner noted in his letter that despite a National Institute of Standards and Technology recommendation that security-related software updates “be installed within a defined timeframe (in many cases seven to 30 days for critical patches),” the Government Accountability Office last year found “numerous instances where agencies failed to comply with those deadlines.” Microsoft included a fix for the vulnerability in a regularly scheduled patch in mid-March. Over the weekend, the company took the unprecedented step of releasing a patch for several discontinued but still widely used software products, including Windows XP. In the letter, released Monday afternoon, the Virginia senator asks Homeland Security Secretary John Kelly and Office of […]

The post Sen. Warner wants action on WannaCry patching from DHS, OMB appeared first on Cyberscoop.

Continue reading Sen. Warner wants action on WannaCry patching from DHS, OMB

Trump signs long-awaited cybersecurity executive order

President Trump signed an executive order on cybersecurity Thursday, saying his administration will begin to manage cyber-risk across the U.S. government as a whole, hold agency heads personally responsibility for the protection of their networks and place modernization of federal IT at the heart of efforts to bolster computer security. “We spend a lot of time and inordinate money protecting antiquated and outdated systems,” said Thomas Bossert, the president’s homeland security adviser, who made a surprise appearance at the podium during the daily White House press briefing to announce the signing. The EO, which had originally been scheduled to be signed in January — only to be pulled the day of the planned signature — has been circulating in increasingly detailed draft form since then, but the signing Thursday came out of the blue on a day the White House continued to struggle with the fallout from the president’s shock decision to fire FBI Director James […]

The post Trump signs long-awaited cybersecurity executive order appeared first on Cyberscoop.

Continue reading Trump signs long-awaited cybersecurity executive order

Trump will call for private sector war on botnets, aide says

One of President Donald Trump’s early cybersecurity actions will be a public call for internet companies to collaborate to stop the scourge of botnets — massive networks of compromised computer hardware weaponized by hackers. “I believe we can radically reduce the number of botnets in this country,” White House homeland security adviser Thomas Bossert said Wednesday. “I believe that’s a voluntary effort … The president will call for that publicly,” he said at a Center for Strategic and International Studies event Wednesday. Bossert said collaboration among internet service providers or ISPs, social media companies and web search engines could identify internet traffic from botnets and “shunt it aside.” Botnets of compromised devices are controlled by hackers known as bot herders, and virtually anything that connects to the internet can be vulnerable. The networks can be used to send vast quantities of fraud-laden spam email, and they also can generate huge attacks targeting a website with constant […]

The post Trump will call for private sector war on botnets, aide says appeared first on Cyberscoop.

Continue reading Trump will call for private sector war on botnets, aide says

Bossert promises funding, centralization for federal cybersecurity

President Donald Trump’s budget outline, slated for release Thursday, will propose significant increases in funding for federal cybersecurity, White House homeland security adviser Thomas Bossert said Wednesday. “President Trump intends to put his money where his mouth is,” Bossert said in his his first major policy speech. “Cybersecurity will be funded through DHS and the Department of Defense,” he told the Center for Strategic and International Studies in a keynote address at its Cyber Disrupt 2017 event. Privately, he told a small group prior to his remarks that there would be a “significant plus up” for cyber programs in both DHS and the Pentagon, one of the organizers told CyberScoop. Bossert also promised that the Obama administration’s push to modernize and centralize federal computer networks will continue under Trump. “Federal networks at this point can no longer sustain themselves. We cannot tolerate indefensible technology, outdated antiquated hardware and software,” Bossert said. “Modernization […]

The post Bossert promises funding, centralization for federal cybersecurity appeared first on Cyberscoop.

Continue reading Bossert promises funding, centralization for federal cybersecurity