CISA Emergency Directive on DNS Infrastructure Tampering UPDATE

U.S. Department of Homeland Security US-CERT

National Cyber Awareness System:


01/22/2019 06:48 PM EST
release date: January 22, 2019

The U.S. Department of Homeland Security (DHS) Cybersecurity and
Infrastructure Security Agency

(CISA) issued an emergency directive to
address ongoing incidents associated with global Domain

Name System (DNS)
infrastructure tampering. CISA is aware of multiple executive branch agency

domains that were impacted by the tampering campaign and has notified the
agencies that maintain

them. The directive requires Federal agencies to
take specific steps and comply with reporting

procedures to mitigate risks
from undiscovered tampering, prevent illegitimate DNS activity, and

unauthorized certificates.

Federal agencies should review Emergency
Directive 19-01
for required actions and reporting