Breach was discovered when a malicious software update was uncovered for the popular IT monitoring tool SolarWinds
In December last year, when the private cyber security company FireEye uncovered a malicious software update for the popular IT monitoring tool SolarWinds, the breach was discovered that affected thousands of public and private sector individuals and entities.
The malicious software update allowed Russian hackers to infiltrate sensitive corporate and government networks undetected for months, likely accessing large amounts of private data.
The Biden administration is working on an executive order aimed at trying to prevent digital breaches like the massive SolarWinds hack, which affected government and private networks, a senior official said on Wednesday afternoon.
Anne Neuberger, while speaking to reporters at the White House, President Biden’s deputy national security adviser for cyber and emerging technology, acknowledged the government realizes it does not have “years” to address the problem and said, “The fix and the clean-up work is underway already”.
During the daily White House press briefing, alongside press secretary Jen Psaki, Neuberger appeared to provide an update on the administration’s investigation into the recent massive digital breach that has been attributed to Russia and affects a broad swath of private and public entities.
She said, the administration is already “addressing the gaps we’ve identified in our review of this incident” as well as working with allies around the world who have been similarly affected by Russian cyber-attacks and espionage.
Referencing the scope and timeline of the breach, she said, The SolarWinds breach is “more than a single incident of espionage”.
Several different steps during the press briefing were laid by her, that the government plans to take to address the compromise and prevent similar activity or a digital breach from taking place in the future. It also included “finding and expelling the adversary”. As there is a chance that attackers may have found additional backdoors into other parts of the network after getting an initial foothold, the efforts which the Russian hackers took to obfuscate their trail are complicated than determining which government agencies or private companies were using the specific SolarWinds product.
She explained, the National Security Council is coordinating the response with relevant federal agencies, private sector companies with access to technology and data that are “necessary to understanding the scale and scope of compromise” and partners on Capitol Hill, where Neuberger said she’d be having meetings next week.
She said the White House anticipates the investigation into the breach will take “months”.
Not able to provide an immediate estimate on the monetary cost of the intrusions but she said, the government will need to be focused on investing in securing federal networks, as many government agencies have extremely out-dated hardware and software in need of an update.
What a response to the digital breach should look like, is the debate of cyber security experts, given that there is not yet evidence the plan of the perpetrators to do more than use their access to the systems for the purposes of spying activity is undertaken and acknowledged by the U.S. and most other nations.
The Biden administration’s definition of the attack will most likely heavily affect how it ultimately chooses to respond to the activity.
Neuberger said the government knows espionage was certainly a “goal” given that “there are a number of [agencies targeted] with high foreign intelligence interest to a foreign government”.
However, she told reporters that the White House has not ruled out the possibility that the sophisticated actors behind the breach might resort to data deletion or other destructive attacks.
“There’s concern for this to become disruptive”, Neuberger said. “We have not ruled out potential additional activity, but we’re very focused on carefully taking this step-by-step”.