DHS’ Larry Zelvin: Cyber Team Reduced ‘Heartbleed’ Impact on Gov’t Domain

cybersecurityLarry Zelvin, director of the National Cybersecurity and Communications Integration Center for the Department of Homeland Security, has said the “Heartbleed” encryption flaw had minimal impact on the federal government domain, FierceGovernmentIT reported Thursday.

Molly Bernhart Walker writes a team worked for 20 days to respond to the secure-sockets layer encryption vulnerability and mitigate its effect on the dot-gov domain.

Zelvin told a House Homeland Security subcommittee the team were able to identify more than half of the vulnerabilities and mitigate its impact “within the first six days of scanning,” according to the report.

The SSL flaw was detected on April 7 and dissemination of public guidance, as well as government network scanning ensued, the report says.

“To date, the team has scanned a federal IP space of approximately 15.5 million IPs on 11 different occasions and assisted in reducing the number of federal Heartbleed vulnerability occurrences from 270 to about two in less than three weeks,” Zelvin told the hearing.

Check Also

DoD

DoD Uses Commercial Tech for Early Coronavirus Detection

The Defense Threat Reduction Agency (DTRA) partnered with the Defense Innovation Unit to use a commercial, wearable infection warning device for COVID-19 spread reduction, DoD News reported Tuesday. The device, named Rapid Analysis of Threat Exposure, is designed to alert about the virus' presence in the wearer before he or she exhibits symptoms.

Leave a Reply

Your email address will not be published. Required fields are marked *