EXECUTIVE SUMMARY:
Late last year, the SolarWinds supply chain attack impacted as many as 18,000 organizations. Multiple strains of malware are believed to have targeted both public and private sector groups. From Teardrop to Raindrop to Supernova, the malware remains under investigation.
Nearly a dozen US federal agencies were affected, including the US Treasury, the Department of Homeland Security the US Department of Commerce. The US Department of Homeland Security’s Einstein intrusion-detection system failed to pick up on the attacks for nearly a year. The attacks have been labeled “one of the worst data breaches to hit the US government,” according to CNN.
It remains unclear as to whether information has been stolen. Cyber security forensics teams are still exploring the full extent of the attack. As information about the hack emerges, it has become increasingly clear that the US needs to upgrade infrastructure protections. The Biden administration is currently requesting a full briefing on the attack from intelligence agencies.
How can the US start preparing for the next SolarWinds?
On January 21st, a congressional committee sent a 15-point list of cyber security priority and policy recommendations to the White House. The document included measures to prevent further SolarWinds-like attacks.
Within their first 100 days in office, the Biden-Harris administration intends to set the following processes in motion:
- Establish the Office of the National Cyber Director
- Develop and promote a National Cyber Strategy
- Improve coordination across existing government cyber security efforts and strengthen private sector focused partnerships.
A large number of ideas for improving US cyber security are on the table. The whitepaper guiding the administration’s efforts is available here.
“The scale of the [SolarWinds] attack is breathtaking,” writes Bloomberg. For more on the SolarWinds breach, check out Cyber Talk’s past coverage.
Image courtesy of solarium.gov.
