Newly loaded videos: The US is investigating the SolarWinds attack ‘layer by layer,’ the official said
The US is investigating the SolarWinds attack ‘layer by layer,’ the official said
Anne Neuberger, deputy national security adviser for cyberspace and emerging technologies, said it will take time to uncover details of a suspected Russian attack on federal and corporate computer networks. .
Hackers launched a widespread and indiscriminate attempt to compromise network management software used by both the government and the private sector. The intelligence community is considering who is responsible. Until that research is complete, I will use the language that we have used before, that is, a responsible, advanced, persistent threat agent, possibly of Russian descent. How did this happen? There are two parts to that: them and us. The actors are a sophisticated, advanced, and nagging menace. Advanced because of the level of understanding they present about the technology and how they invaded it is really complicated. Persistence: They focus on the identity of the network, the part that is hardest to clean. And the threat: The scope and scale – for the network, for information – make this more than just an isolated case of espionage. And then there’s us. Lack of visibility in the water. So as a country we choose to have both privacy and security. As a result, the intelligence community largely has no vision of private sector networks. The hackers launched the attack from within the United States, making it even more difficult for the US government to observe their activity. Even in federal networks, a culture and government with limited visibility, that’s something we need to address. This is a challenge. This is a sophisticated actor who did his best to hide their tracks. We believe it took them months to plan and execute this compromise. It will take us some time to explore this, layer by layer. We are fully committed to minimizing the risk of this happening again. If you cannot see a network, you cannot protect one. And federal networks, cybersecurity need investment and more integrated approaches to detect and prevent such threats.
Recent episodes in United States & Politics