On expelling the attacker, Neuberger said the interagency response coordinated by the White House National Security Council includes communication with lawmakers and close cooperation with the private sector.
In that context, she said the Federal government’s response to the hack focuses on “finding and expelling the adversary,” modernizing Federal defenses to “reduce the risk of this happening again,” and preparing “potential response options to the perpetrators.” News and insight on today’s mission-critical IT challenges, from the MeriTV studio. “We’re also working on close to about a dozen things – likely eight will pass – that will be part of an upcoming executive action to address the gaps we’ve identified in our review of this incident,” Neuberger said. And while she did not provide details on what that action will entail, she did provide some hints as to what the Biden administration regards as problems to be overcome to prevent further attacks. Neuberger said the Federal government plans a range of steps as part of an “executive action” to respond to the attack. Neuberger explained that the attacker met the definition of “advanced persistent threat” in three ways: the attack “truly was sophisticated” in nature the focus of the attack was on the “identity part of the network, which is the hardest to clean up” and the “scope and scale to networks, to information, makes this more than an isolated case of espionage.”Īnd she said the attack was launched from within the United States and carried out via private-sector networks, where the Federal intelligence community “largely has no visibility.” Neuberger added, “Even within Federal networks, a culture and authorities inhibit visibility, which is something we need to address.” Speaking broadly about the sophisticated nature of the attack, Neuberger said “the techniques that were used lead us to believe that any files or emails on a compromised network were likely to be compromised.” “Many of the private sector compromises are technology companies, including networks of companies whose products could be used to launch additional intrusions,” she said. Because of that figure, “the scale of potential access far exceeded the number of known compromises,” Neuberger said. “As of today, nine federal agencies and about 100 private sector companies were compromised,” Neuberger said.īut, she emphasized, about 18,000 entities downloaded malicious content via SolarWinds Orion updates. “It’ll take us some time to uncover this, layer by layer,” she said. She emphasized that the government’s investigation was continuing and would likely do so for at least several months.
#Solarwinds hack explained update#
That more precise figure came from Anne Neuberger, deputy national security advisor for cyber and emerging technology, during a White House press conference to update the government’s work on unraveling the state-sponsored hacking exploit and mitigating against its impacts.
#Solarwinds hack explained software#
17 that the attack “compromised” nine Federal government networks – matching with earlier estimates from Federal law enforcement and intelligence agencies that “follow-on” activity by the hackers after initial breaches via software downloads were seen in “fewer than 10” Federal agencies.
The leader of the Federal government’s investigation of the Russia-backed hack of government and private sector networks via SolarWinds Orion products said Feb.
0 kommentar(er)
