Summary: CISA has issued Emergency Directive 26-02, mandating all federal agencies to physically disconnect F5 BIG-IP devices that have reached “End of Support” (EoS) within 48 hours. Intelligence indicates threat actors are successfully reverse-engineering recent patches to find 1-day exploits in legacy hardware that can no longer be updated.
Business Impact: Critical Infrastructure Risk. Many organizations “sweat assets” (keep old hardware running) to save costs. This directive confirms that EoS hardware is now a confirmed liability. If you are running legacy load balancers, you are effectively operating without a firewall.
Why It Happened: A spike in “Volt Typhoon” activity targeting legacy edge devices was detected, using them as reliable entry points that security teams often ignore because “they just work.”
Recommended Executive Action: Conduct an immediate “Hardware Lifecycle Audit.” If you have F5 devices older than 5 years (iSeries/Legacy VE), confirm their support status today. If EoS, schedule a replacement or move the workload to a cloud-native load balancer immediately.
Hashtags: #CISA #EmergencyDirective #F5 #NetworkSecurity #LegacyTech #TechDebt