Anne Neuberger explains the SolarWinds case

Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology.

So, first, what happened ?

 Hackers launched a broad and indiscriminate effort to compromise the network management software used by both government and the private sector.  The intelligence community is looking at who is responsible.  Until that study is complete, I’ll use the language we previously used, which was to say an advanced persistent threat actor, likely of Russian origin, was responsible. 

As of today, 9 federal agencies and about 100 private sector companies were compromised.  As you know, roughly 18,000 entities downloaded the malicious update.  So the scale of potential access far exceeded the number of known compromises.  Many of the private sector compromises are technology companies, including networks of companies whose products could be used to launch additional intrusions. 

So, finally, and most significantly, what are we going to do about it?  Three things:

  • First, finding and expelling the adversary. 
  • Second, building back better to modernize federal defenses and reduce the risk of this happening again. 
  • And finally, potential response options to the perpetrators. 

More information

Soyez le premier à commenter

Poster un Commentaire

Votre adresse de messagerie ne sera pas publiée.


*


Ce site utilise Akismet pour réduire les indésirables. En savoir plus sur comment les données de vos commentaires sont utilisées.