The Cybersecurity and Infrastructure Security Agency has released an emergency directive requiring agencies to update their on-premises Microsoft Exchange Servers with security patches or disconnect the products. CISA said Wednesday that all agency chief information officers should submit a report by Friday, March 5, using the provided template to inform CISA about their status.

Microsoft issued the security updates after it found that a state-sponsored threat actor operating from China, called Hafnium, was targeting defense contractors, law firms, policy think tanks, infectious disease researchers and other entities to steal data by compromising on-premises Exchange Server software.

“Neither the vulnerabilities nor the identified exploit activity is currently known to affect Microsoft 365 or Azure Cloud deployments. Successful exploitation of these vulnerabilities allows an attacker to access on-premises Exchange Servers, enabling them to gain persistent system access and control of an enterprise network,” the directive reads.

CISA also directed agencies to acquire forensic images, identify indicators of compromise and report to the agency the presence of web shell code on a compromised server, unauthorized access to accounts and evidence of lateral movement of malicious actors that have access to compromised servers.

CISA said it will issue additional indicators of compromise as soon as they become available, offer technical support to agencies without capabilities to comply with the directive and submit a report on outstanding issues to the secretary of the Department of Homeland Security and director of the Office of Management and Budget by April 5.

The Department of Justice has updated the Annual Report Data page on the Freedom of Information Act website and uploaded all fiscal year 2020 FOIA reports prepared by 119 agencies onto the online platform.

DOJ said Tuesday annual reports show that agencies received 790,772 FOIA requests and processed 772,952 of those requests in the previous fiscal year. The department’s office for information policy is working on a summary of annual FOIA reports submitted by agencies for FY 2020.

The updated data page combines into a single interface the Basic and Advanced Report functions to allow the public to collect governmentwide data, search individual agency and data points in annual FOIA reports since FY 2008 and compare information from several agencies.

DOJ introduced FOIA .gov in 2011 to serve as a dashboard for all agencies’ data related to their annual FOIA reports. In compliance with the law, federal agencies and departments submit each year a report to the attorney general providing details about the number of received and processed FOIA requests, the duration of processing those requests and other data regarding their FOIA activities. 

The Missile Defense Agency (MDA) has announced that a missile detection radar under development is progressing on schedule towards initial operational capability expected this fiscal year, Defense News reported Tuesday. 

The U.S. Air Force's Lockheed Martin-made Long Range Discrimination Radar (LRDR) is now in the process of installation at Alaska-based Clear Air Force Station, despite pandemic-caused delays experienced last year.

The Government Accountability Office (GAO) initially reported that USAF will not be able to fully procure the radar before fiscal year 2023, but MDA announced in late February that all critical production tasks have been completed.

LRDR is designed to detect whether an incoming missile carries a warhead or is only a decoy. The radar would generate precision metric data perform this function against ballistic missile threats. Lockheed also applied its open gallium nitride foundry model into the solid state GaN radar.

Gen. Mark Milley, chairman of the Joint Chiefs of Staff, has said that he plans to implement foundational data standards and pitch his concept for joint warfighting that leverages networked forces, Defense One reported Tuesday.

Milley told reporters he seeks to deliver his Joint Warfighting Concept 1.0 to Lloyd Austin, the secretary of the Department of Defense (DOD) and 2021 Wash100 Award winner, and Kathleen Hicks, the deputy defense secretary and a fellow 2021 Wash100 Award recipient, ahead of budget hearings with Congress.

A joint system that builds on common standards across the services branches must be in place by the end of the year, he said.

Milley’s comments come as the U.S. Northern Command continues experiments with other combatant commands to help inform the Joint All-Domain Command and Control program.

Gen. Glen VanHerck, commander of USNORTHCOM, previously told reporters that the command’s Global Information Dominance Experiments are focused on showcasing the value of data. VanHerck also cited the command’s Pathfinder program focused on integrating radar-collated data with machine learning.