Reaction on “Heartbleed”: Working Together to Mitigate Cybersecurity Vulnerabilities

When a cybersecurity industry report was published about a vulnerability known as “Heartbleed” -- affecting websites, email, and instant messaging -- that can potentially impact Internet logins and personal information online by undermining the encryption process, the Department’s US -- Computer Emergency Readiness Team (US-CERT) immediately issued an alert to share actionable information with the public and suggested mitigation steps.

Subsequently, our Industrial Control System-Cyber Emergency Response Team (ICS-CERT) published information and reached out to vendors and asset owners to determine the potential vulnerabilities to computer systems that control essential systems -- like critical infrastructure, user-facing, and financial systems.

The National Coordinating Center for Communications (NCC) also provided situational awareness to communications sector partners for their review and action. Importantly, the Federal government’s core citizen-facing websites are not exposed to risks from this cybersecurity threat. We are continuing to coordinate across agencies to ensure that all Federal government websites are protected from this threat.