Biden administration faces increasing pressure to address solar wind breech

The computer intrusion campaign that has been linked to Russia has hit many federal agencies and the private sector, raising concerns about the security of corporate secrets, government emails and other sensitive data. The Trump administration formally raised a finger in Russia earlier this month following revelations in December that hackers had inserted malicious code into a tool published by Solarwinds, a software vendor used by countless government agencies and Fortune 500 businesses.

As Biden officials assume responsibility for the investigation into the hack campaign, new evidence unearthed by members of Congress, former federal officials, and Microsoft this week has led to renewed urges in the search for answers.

“This Solar Woods has caused widespread breech concerns for all of us, and frankly, not surprisingly, given what we are getting, which the federal government is good at tackling these types of violations. Not ready, “Sen. Rob Portman, Republican in Ohio, said at a hearing this week.

In a letter to congressional leaders on Friday, the former acting secretary of the Department of Homeland Security, Kevin McLennan, said that it is imperative that Biden’s nominee, Alejandro Mayorkas, who heads the department, be swiftly confirmed. The SolarWind incident, McLennan wrote, “underscores our nation’s growing need to renew renewed focus on cyber security and the security of our supply chain in particular. In the wake of solar wind breech, DHS has to work in concert Requires dedicated and confirmed leadership. Other government agencies to resolve the issue immediately – and to ensure that we are prepared for potential future efforts. ”
On the day Biden was sworn in, a congressional commission on cyber security sent a 15-point list of priorities and policy recommendations to the White House, including steps to prevent another government violation.
And Microsoft’s report on Wednesday highlighted the sophistication of the attackers, speculating that they may have spent an entire month developing custom code designed to choose their targets and secretly compromise each victim . SolarWinds was just a mechanism used to gain access to the network, an official at the CyberspaceSeries and Infrastructure Security Agency told CNN, stressing that other technologies could be used to gain access to the network and lengthen The period was to gather information for “intelligence efforts.”

Amid mounting pressure, the Biden administration is still trying to gain momentum. According to a former senior homeguard security officer, an attempt by Biden staff to understand the full extent of the breech was made before he was taken to office.

“There is a concern that things may get worse,” the former official told CNN.

Meanwhile, there are indications that authorities have only scratched the surface of the scope and scale, a source familiar with the investigation said.

Speaking to reporters on Wednesday, White House press secretary Jane Saki said the administration would “reserve the right to respond to the timing and manner of any cyber-attack pick-up,” but that employees “are only on their computers Were.” She refused to answer a question about whether Biden intended to raise the issue of espionage with Russian President Vladimir Putin.

Computer break-ins will be a focus of the upcoming presidential briefing by the intelligence community, Psaki added.

When former President Donald Trump weighed in on a massive cyber-attack in December in a pair of tweets, rather than condemning the attack – he – or Russia – falsified it, criticizing the media and baselessly claiming it was American voting machines Can affect
Biden appears ready to scramble with the detective attempt head on.

“President Biden understands the urgency of the crisis in a way that President Trump was not,” said Sen. Mark Warner of Virginia, the top Democrat on the Senate Intelligence Committee. “And in his first days, (he) is moving forward with the speed of the fitting to investigate it, so that we can take steps to reverse its effects, give Russia a reasonable response, and in future in this way Determine the best way to stop and stop efforts. ” ”

But while there is little disagreement among US officials that the incursion was serious, opinions about the possible response, and what it looks like, will vary.

A US official told CNN that currently evidence suggests that the hack still qualifies as a highly sophisticated foreign intelligence operation and falls short of an act of cyber warfare – a nuanced distinction about appropriate response options Will factor in any discussion.

But that said, there would almost certainly be a cost to this activity, the official said, which is the price to pay for being caught, even if the attack was technically within the line of foreign espionage.

“In all likelihood,” the attack was cyber espionage, former acting secretary of Homeland Security Chad Wolf told CNN. He said that he had stepped down earlier this month – after abruptly resigning – that no action was taken by the attackers as they reached these networks, he said.

Keith Alexander, a former director of the National Security Agency, told CNN that Biden has a wide range of policy options available to him.

Alexander said, “There are ways in which you can respond to individuals and through diplomatic and economic measures that they should do,” but any response to cyber in the physical space will probably be a major attack on us. Not ready to defend against that. The nation is not ready for that type of cyber engagement. ”

Alexander said Congress should pass legislation to enable the public and private sectors to share threat information, and to provide legal immunity to companies sharing this data.

The lack of senior personnel may also complicate Biden’s response. After Biden’s first confirmation the choice of cabinet – Director of National Intelligence – Evil Haynes admitted that he had not received a classified briefing on the hack earlier this week, underscoring the concern that he and other top Biden officials had already Only eight can be behind the ball. For a difficult transition process.
Although he was sworn in on Thursday and indicated that the hack was a top priority, other top intelligence and homeland security posts remain vacant.

A DHS official pointed out as an example of the disarray of the leadership of the Trump administration, “I’ve never seen this level empty. It really challenges continuity.” “We will have challenges to replace some talent.”

Earlier this week, GOP Sen. Josh Howle blocked Biden’s quick consideration of Homeland Security nominees, leaving the third largest federal department without unconfirmed leadership. CISA has been led by career official Brandon Wells since Trump fired Chris Krebs shortly after the election.

According to a source familiar with the situation, Rob Silver, a partner at law firm Paul Hastings, is expected to be tapped to lead the CISA in the Biden administration. He served as assistant secretary for cyber policy at DHS during the Obama administration, as well as other senior roles in the department. Silver did not respond to a request for comment.

“The biggest problem is that you don’t have a confirmed secretary,” the former senior DHS official told CNN. “It really sets the trajectory of tone and ability to achieve things.”

During his Senate confirmation hearing on Tuesday, Mercus said he was studying the Solar Winds attack intensively as a private citizen. If confirmed, they promised to conduct an in-depth review of two CISA cybersecurity programs – Continuous Diagnosis and Mitigation (CDM) and EINSTEIN – to understand whether they are sufficient to prevent a threat such as SolarWind, and if No, for the federal government to find additional rescue.

Wells said the CISA is “actively involved with the transition team,” with 14 cyber attacks focused on the ongoing cyber incident. In a statement on CNN Friday, he said, “We are committed to seamlessly integrating new members of the Biden administration into the agency, continuing the aggressive effort to understand and respond to this complex cyber campaign.”

A CISA official told CNN that given the length of time that under adverse conditions some networks, remediation – have access to both short-term and long-term reconstruction.

CISA already provided ideas to the Biden team to help develop federal cyber security and overcome the challenges identified by the latest incident. Suggestions, the official said, include: funding for CISA to hunt adverse activity on federal networks; Deployment of new sensors inside federal agencies to detect anomalous activities; And improving the visibility of cloud environments like Office 365.

Officials are also considering creating a civilian program similar to the Pentagon model that helps ensure that third-party partners are meeting cybersecurity standards, but it will be a long-term effort, the official said.


Leave a Reply

Your email address will not be published.