The Department of Homeland Security has issued an emergency directive ordering administrators of most federal agencies to protect their Internet domains against a rash of attacks that have hit executive branch websites and email servers in recent weeks.
The DHS’ Cybersecurity and Infrastructure Security Agency (CISA) issued the directive on Tuesday, 12 days after security firm FireEye warned of an unprecedented wave of ongoing attacks that altered the domain name system records belonging to telecoms, ISPs, and government agencies. DNS servers act as directories that allow one computer to find other computers on the Internet. By tampering with these records, attackers can potentially intercept passwords, emails, and other sensitive communications.
“CISA is aware of multiple executive branch agency domains that were impacted by the tampering campaign and has notified the agencies that maintain them,” CISA Director Christopher C. Krebs wrote in Wednesday’s emergency directive. He continued: