"The Federal Emergency Management Agency has made several changes to its internal security posture following a cyber intrusion that prompted Homeland Security Secretary Kristi Noem to purge two dozen of its technology staff in a dramatic move announced late last month. The firings were made public on Aug. 29, following a routine review of the agency's systems, which uncovered a vulnerability "that allowed the threat actor to breach FEMA's network"
"The vulnerabilities may be linked to a series of internet security holes and applications that weren't entirely secured across the agency's technology environment, two people familiar with the matter told Nextgov/FCW, citing recent updates observed within the agency. The people were granted anonymity because they were not authorized to speak publicly. They cautioned that the observations are merely suspicions based on what they knew of agency security changes and that they had no direct knowledge of the cause of the breach."
FEMA implemented multiple internal security changes after a cyber intrusion prompted Homeland Security Secretary Kristi Noem to remove about two dozen technology staff, including top technology and cybersecurity officers. A routine review on Aug. 29 identified a vulnerability that allowed a threat actor to breach FEMA's network and pose risks to the department. Observed vulnerabilities may stem from unsecured internet applications and security holes across the agency's technology environment. Anonymous sources cautioned their observations were speculative and lacked direct knowledge of the breach cause. FEMA blocked access to apps like X, Facebook, YouTube and Reddit and required passwords to disable Zscaler controls; previously employees could disable those controls by entering a reason without authentication.
Read at Nextgov.com
Unable to calculate read time
Collection
[
|
...
]