Sprinting Towards a Strategy for the Federal Hacking Situation

The federal government is taking steps to beef up cybersecurity, through what is being dubbed the "30-day Cybersecurity Sprint."

Through this sprint, the government intends to address an assortment of policies and technical issues by tightening control over access to sensitive information and implementing multi-factor authentication, rapidly patching vulnerabilities, and using indicators to track when a malicious cyberattack has occurred, according to an article in the Washington Times.

These measures come in response to the multiple breaches of government networks having been revealed in recent weeks, including one that accessed the stored results of Standard Form 86, known by the more formal name of the Questionnaire for National Security Positions. According to an article in The Atlantic, this form, which has been completed by millions of people working in military and intelligence fields, includes a wealth of personal details from financial interests, to interactions with the law, to mental illness, as well as details on family, friends, and associates.

It is not just the number of records that were accessed that is a concern, but also this depth of the records. "Recent events underscore the need to accelerate the administration’s cyber strategy and confront aggressive, persistent malicious actors that continue to target our nation’s cyber infrastructure," the White House Office of Management and Budget told the Washington Times.

The speed of the attack was also noteworthy. “What’s particularly stunning about this development is how quickly it grew into something so severe,” said the Atlantic article. “Last week, officials estimated that the personal data of 4 million current and former federal employees had been compromised. Then that figure ballooned to as many as 14 million.”