Serious vulnerabilities discovered in US cybersecurity agency CISA systems

Serious vulnerabilities discovered in US cybersecurity agency CISA systems

It has been revealed that the US Cybersecurity and Infrastructure Security Agency (CISA) lacked a ready-made response plan for situations where secret keys and data allowing access to its systems were leaked to the public network. The organization responsible for protecting federal networks was forced to develop a strategy (playbook) from scratch during an unexpected crisis. This is reported by Techcrunch.com reports .

The incident occurred in May of this year after independent journalist Brian Krebs warned the agency about a mistake made by an employee of a contractor company. According to TechCrunch, CISA admitted in its report that staff spent time in the early stages of the incident creating an action plan. This demonstrated that the primary body responsible for countering cyberattacks was unprepared for unexpected situations.

How did the error occur?

A researcher from the cybersecurity firm GitGuardian discovered numerous passwords and logins intended for accessing US government systems in a public GitHub repository. It turned out that an employee of a contractor working with CISA had carelessly left this information in public access mode. The researcher initially tried to contact the contractor, but after receiving no response, reported the situation to Brian Krebs.

Only after the journalist's intervention did CISA take the repository offline, revoke all exposed secret keys, and replace them with new ones. The agency stated that no mission-critical or personal user data fell into the wrong hands as a result of the incident. Nevertheless, the lack of a ready-made plan likely significantly slowed down the response process.

Systemic problems and staff shortages

In its report, CISA also noted that communication channels with security researchers were not clearly defined. The agency now promises to improve its communication system to ensure experts can report risks quickly. However, the situation within the organization remains somewhat complex.

According to reports, CISA has been operating without a permanent director since Donald Trump began his presidential term in January 2025. Furthermore, nearly a third of the agency's workforce has been affected by cuts, furloughs, and layoffs. Experts are concerned that such staff shortages and financial constraints are negatively impacting the level of cybersecurity.

This incident once again proved that even the highest-level government organizations must have clear and verified action plans against unexpected cybersecurity incidents. Improvising and creating a plan during a crisis can lead to the loss of valuable time and an increase in risk.

Add Zamin.uz to GoogleRead "Zamin" on Telegram!
Discuss with Zamin AIAnalyze the news, get useful answers

Comments 0

Related news