Federal agencies need to update their systems in order to avoid future ransomware and malware attacks, according to Rob Joyce, White House cybersecurity coordinator.
Joyce told members of the National Security Telecommunications Advisory Committee (NSTAC) on May 18 that although no Federal networks were affected by the recent WannaCry ransomware attack, the outdated Windows XP operating system, which was the target of the attacks, is still used by some small agencies. Microsoft stopped issuing patches to that in 2014 but issued an emergency patch this month because of the WannaCry attack.
Joyce said that the Trump administration wants to find all of the outdated systems and update those that protect the most vulnerable data.
The NSTAC also released a draft report to the president on Emerging Technologies and Strategic Vision. The report said that the high-priority projects include modernizing IT and cyber procurement, and leveraging shared infrastructure and services.
The NSTAC said that the government should create a fund, like the fund laid out in the most recent Modernizing Government Technology Act that passed the House on May 17, so that agencies can quickly replace outdated IT systems.
The report also said that the government should establish a more agile procurement model, establish dedicated IT procurement teams, and accelerate pilot programs that test new technologies in real-world situations.
“Leveraging innovative technologies ensures that the government is better prepared to benefit from and mitigate the risks of forthcoming technologies,” the report said. “In addition to security improvements and cost efficiencies afforded by such action, opportunities in analytics, cognition, and autonomy can be accelerated to support operations across the government.”