White House announces senior official is leading inquiry into SolarWinds hacking
WASHINGTON (NYTIMES) – The White House announced on Wednesday (Feb 10) that it had put a senior national security official in charge of the response to the broad Russian breach of government computers, only hours after the Democratic chairman of the Senate Intelligence Committee criticised the “disjointed and disorganised response” in the opening weeks of the Biden administration.
The criticism from the newly installed chairman, Senator Mark Warner, a Virginia Democrat, appeared to take the White House by surprise.
But it reflects the deep concern on Capitol Hill that too little is known about the hacking or how the government and private industry are addressing it, two months after the intrusion was discovered.
Officials said lawmakers were mistaken to suggest no one was in charge of the federal response.
Ms Anne Neuberger, appointed to the newly created post of deputy national security adviser for cyber and emerging technology by President Joe Biden, is overseeing the response to what has become known as the SolarWinds breach, said Ms Emily Horne, the National Security Council spokeswoman.
“Since day one, she has been running an inter-agency process on SolarWinds,” Ms Horne said.
But until the White House’s announcement on Wednesday, Ms Neuberger’s role had not been publicly announced and did not seem apparent to those on Capitol Hill who were receiving briefings.
In a joint statement issued on Wednesday evening, Mr Warner and the Republican vice-chairman of the intelligence committee, Senator Marco Rubio of Florida, reiterated that the response to the breach had lacked leadership but said that the announcement that Ms Neuberger would lead the response was “welcome news”.
They added that they were expecting regular briefings from her to ensure “we fully confront and mitigate this incident as quickly as possible”.
Until last month, Ms Neuberger had served in a variety of key posts at the National Security Agency and ran the Russia Small Group that devised responses to Moscow’s interference in the 2016 presidential election.
She is widely regarded as an experienced and tough veteran of the low-level, constant conflict between Russia and the United States.
But the letter, released on Tuesday by Mr Warner and Mr Rubio, reflected a growing unease with the absence of much public information about the Russian hacking, which affected numerous federal agencies.
Mr Biden has repeatedly vowed that he will impose costs on Russia for the sophisticated breach and added last week that the days of “rolling over in the face of Russia’s aggressive actions” were over.
It was a reference to President Donald Trump’s repeated refusal to confront President Vladimir Putin of Russia.
After the SolarWinds attack was revealed – named for the Texas company whose software was hijacked by Russian hackers – Mr Trump suggested on Twitter that the culprit might have been China.
He was soon contradicted by his own intelligence agencies.
But assessing the damage done, the lessons learned from the Russian action and the response is a slow process.
Mr Biden, aides say, does not want to risk even greater escalation with Mr Putin.
And it is not yet clear that the attack is over or will be limited to the theft of communications.
After briefings on the issue, Mr Warner and Mr Rubio wrote that “the threat our country still faces from this incident needs clear leadership to develop and guide a unified strategy for recovery, in particular a leader who has the authority to coordinate the response, set priorities, and direct resources to where they are needed”.
Ms Neuberger’s efforts are focused on directing agencies hit by the Russian intrusion to patch and repair their networks, examine the government’s response to the episode and work with the private sector.
She is also overseeing a study of the longer-term implications of the attack on the “supply chain” of software, Ms Horne said.
The White House has also charged the Office of the Director of National Intelligence to conduct an assessment of the SolarWinds hacking, work that is continuing.
Mr Warner has pledged to hold public hearings on the intrusion to help better understand what happened.
In an interview last week, before the letter was sent, Mr Warner said he was disturbed that FireEye, a leading cyber security company, not the network of sensors monitored by the National Security Agency, had discovered the SolarWinds intrusion.
The agency has said nothing publicly about why those signals were missed.
“I would like to err much more on the side of public discussion,” Mr Warner said last week.
Mr Dmitri Alperovitch, a cyber security expert who was the co-founder of CrowdStrike and now runs the Silverado Policy Accelerator, a think tank, told the House Homeland Security Committee on Wednesday that the SolarWinds intrusion had the most impact of any cyber attack in American history.
The hack has made clear “serious gaps” in US strategy.
But he noted that the attack not only was on SolarWinds, but on other supply chain weaknesses.
Some 30 per cent of the networks on which Russian back doors were discovered did not have the SolarWinds software installed, a development earlier reported by The Wall Street Journal.
But many of those systems used other software that was created on systems that used SolarWinds programmes, according to two industry executives involved in investigating the hacking.
The finding suggests that Russia was able to use the vulnerability at SolarWinds to burrow deeper into the supply chain and leaves open the possibility that more back doors installed by Moscow have yet to be found, according to people briefed on the investigation.
Mr Christopher Krebs, the former director of the Cybersecurity and Infrastructure Security Agency, told the House committee this week that more centralised federal oversight of cyber defences was necessary.
He said Congress needed to expand authorities allowing the government to hunt for intruders on some networks.
“As long as the tools are available, vulnerabilities exist, money and secrets are to be had, and a lack of meaningful consequences persist, there will be malicious cyber actors,” said Mr Krebs, who has been consulting with SolarWinds on the response to the hacking.
“Complicating matters, we make it far too easy for the bad guys.”
At the same hearing, Ms Sue Gordon, the former principal deputy director of national intelligence, said there was no technological “magic bullet” to improve cyber defences.
But she called on the intelligence agencies to share more information about the intent of nation-states to improve the ability of companies to defend their networks.
“That is anathema to my former colleagues,” Ms Gordon said.
“But if we don’t share it more broadly, how will a non-governmental entity ever get ahead of their attackers?”
Under the Trump administration, the FBI, the Department of Homeland Security and multiple intelligence agencies created the so-called Unified Coordination Group to organise the federal response.
The Senate letter said that the group “has lacked the leadership and coordination warranted by a significant cyber event”.
Join ST’s Telegram channel here and get the latest breaking news delivered to you.
Source: Read Full Article