US cyber agency CISA had to build its incident playbook during the incident, agency reveals


U.S. federal cybersecurity agency CISA said it did not have a prepared response plan for how it should handle a cybersecurity incident in May, after an investigative reporter notified the agency that a contractor had publicly exposed sensitive keys and credentials for accessing U.S. government systems.

CISA, the Homeland Security unit tasked with defending federal networks and helping to safeguard critical infrastructure, revealed Friday in a post-mortem report that its staff “had to spend time building [a playbook] during the early stages of the incident.” The agency said it is important to prepare playbooks for “all anticipated needs” to ensure that organizations are ready to respond in the event of a security incident rather than scrambling to improvise one in real time.

The agency did not say how long the missing playbook delayed CISA’s response, and a spokesperson did not immediately respond to TechCrunch’s request for comment. 

Independent cybersecurity journalist Brian Krebs reported in May that a security researcher with cyber firm GitGuardian alerted him to reams of exposed passwords stored in a publicly accessible GitHub repository, which an employee of a CISA contractor had uploaded.

According to Krebs, the researcher tried to alert the contractor but didn’t hear back. Only after Krebs contacted CISA did the agency take the repository offline and revoke and replace all of the exposed credentials to prevent any potential future abuse.

CISA said that no customer or mission data was exposed in the incident and thanked the researcher and reporter for their help. The agency said that its channels for allowing security researchers to notify CISA of potential incidents “were not well defined,” and that it has made changes to make it easier and faster for researchers to contact the agency.

CISA has been without a permanent director since the start of President Donald Trump’s second term in January 2025. The agency has also been affected by cuts, furloughs, and layoffs affecting about a third of its workforce since Trump took office. 

When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.



Source link

  • Related Posts

    Meta turns off the Instagram feature that let users make AI deepfakes of public accounts

    Following significant backlash, Meta is turning off the feature it announced this week that let users generate AI images based on content from public Instagram accounts just by tagging them.…

    Increased drone surveillance of illegal July 4th fireworks led to $100K fine

    The Riverside Police Department has attributed its increase in citations for illegal fireworks to having deployed drones starting in 2025, according to the Los Angeles Times. The newspaper also listed…

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    You Missed

    Donkey Kong Arcade Set Surfaces In New LEGO Leak, Here’s A First Look

    Donkey Kong Arcade Set Surfaces In New LEGO Leak, Here’s A First Look

    All the Canadian Politics!

    Meta turns off the Instagram feature that let users make AI deepfakes of public accounts

    Meta turns off the Instagram feature that let users make AI deepfakes of public accounts

    A Luxury Fashion Retailer in Bahrain Launches its AI Personal Stylist

    A Luxury Fashion Retailer in Bahrain Launches its AI Personal Stylist

    B.C. woman wins in court over District of Sechelt U-turn on partially built home

    B.C. woman wins in court over District of Sechelt U-turn on partially built home

    Judge vacates convictions of 4 Proud Boys in Jan. 6 Capitol insurrection

    Judge vacates convictions of 4 Proud Boys in Jan. 6 Capitol insurrection