The U.S. Department of Homeland Security (DHS) Cybersecurity and
Infrastructure Security Agency (CISA) issued an emergency directive to
address ongoing incidents associated with global Domain Name System (DNS)
infrastructure tampering. CISA is aware of multiple executive branch agency domains that were impacted by the tampering campaign and has notified the
agencies that maintain them. The directive requires Federal agencies to
take specific steps and comply with reporting procedures to mitigate risks
from undiscovered tampering, prevent illegitimate DNS activity, and detect
unauthorized certificates.
Federal agencies should review Emergency
Directive 19-01 for required actions and reporting procedures.
