Security News > 2023 > June > Hundreds of devices found violating new CISA federal agency directive
Censys researchers have discovered hundreds of Internet-exposed devices on the networks of U.S. federal agencies that have to be secured according to a recently issued CISA Binding Operational Directive.
All Internet-exposed management interfaces found by Censys on the networks of U.S. federal agencies have to be secured according to CISA's Binding Operational Directive 23-02 within 14 days after being identified.
CISA also has announced that it will scan for devices and interfaces that fall within the scope of the directive and will inform the agencies about its findings.
To assist with the remediation process, CISA will also offer technical expertise to federal agencies upon request, ensuring a thorough review of specific devices and providing guidance on implementing robust security measures.
In March, the cybersecurity agency also announced that it would warn critical infrastructure organizations of ransomware-vulnerable devices on their network to help them block ransomware attacks as part of a new Ransomware Vulnerability Warning Pilot program.
CISA orders federal agencies to secure Internet-exposed network devices.