The US agency that defends federal networks did not have its own incident response playbook when it got hacked
TL;DR
CISA admitted it had no prepared playbook for a cybersecurity incident. A contractor leaked government credentials on GitHub. A journalist had to alert the agency.
The US Cybersecurity and Infrastructure Security Agency revealed in a postmortem report on Friday that it did not have a prepared response plan for handling a cybersecurity incident when one hit in May. CISA staff “had to spend time building [a playbook] during the early stages of the incident,” the agency said, recommending that organisations prepare playbooks for “all anticipated needs” rather than improvising in real time.
The incident began when a security researcher at cyber firm GitGuardian discovered that an employee of a CISA contractor had uploaded passwords, AWS GovCloud keys, and other sensitive credentials to a publicly accessible GitHub repository. The researcher tried to alert the contractor but received no response. Only after cybersecurity journalist Brian Krebs contacted...
Copyright of this story solely belongs to thenextweb.com. To see the full text click HERE