[ad_1]
As Biden officials assume responsibility for investigating the hacking campaign, members of Congress, former federal officials and new evidence discovered by Microsoft this week have added a renewed urgency to the search for answers.
“This massive SolarWinds breach affects all of us, and frankly it’s not that surprising given what we’ve seen that the federal government is not well prepared to deal with these kinds of breaches.” Ohio Republican Sen. Rob Portman said in a hearing this week.
Amid the growing pressure, the Biden administration is still trying to update itself. Efforts by Biden staff members to understand the full extent of the breach were hampered before taking office, according to a former senior homeland security official.
“There are concerns that things are getting worse,” the former official told CNN.
Meanwhile, there are indications that officials have only scratched the surface of the telescope and scale, a source close to the probe said.
Speaking to reporters on Wednesday, White House press secretary Jen Psaki said the administration “will reserve the right to respond to any cyber attack at a time and in a manner of our choosing,” but that staff members “were just accessing their computers”. She declined to answer a question about Biden’s intention to raise the issue of espionage with Russian President Vladimir Putin.
Computer break-ins will be the focus of an upcoming presidential briefing by the intelligence community, Psaki added.
“President Biden appears to understand the urgency of this crisis in a way that President Trump did not,” said Senator Mark Warner of Virginia, the top Democrat on the Senate Intelligence Committee. “And in its early days, (it) is moving at an appropriate speed to investigate the matter, so that we can take action to address its effects, respond appropriately to Russia and best determine how to deter and prevent such attempts in the future. . ”
But while there is little disagreement among U.S. officials that the intrusion was serious, opinions on a potential response and what it would look like vary.
A US official told CNN that the evidence currently suggests that hacking is still considered a highly sophisticated foreign intelligence operation and is not an act of cyber warfare – a nuanced distinction that will be factored into any discussion of options. reasonable response.
But that said, there will almost certainly be an imposed cost for the activity, the official added, noting that there is a price to be paid to get caught, even though the attack technically falls under foreign espionage.
General Keith Alexander, former director of the National Security Agency, told CNN that Biden had a range of policy options at his disposal.
“There are ways to respond by indicting individuals and through diplomatic and economic measures, which they should do,” Alexander said, “but any response in physical cyberspace would likely turn into a bigger attack on us, and we are not ready to defend against that. The nation is not ready for a cyber engagement like this. ”
Alexander added that Congress must pass legislation to make it easier for the public and private sectors to share threat information and to provide legal immunity to companies that share that data.
“I’ve never seen this level of vacancy. It’s mind-boggling, it really challenges continuity,” said a DHS official who cited CISA as an example of the Trump administration’s dismay. “We will have a hard time replacing some talent.”
Rob Silvers, a partner at law firm Paul Hastings, is expected to be asked to lead CISA in the Biden administration, according to a source familiar with the situation. He held the post of Assistant Secretary for Cyber Policy at DHS under the Obama administration, as well as other senior positions within the department. Silvers did not respond to a request for comment.
“The biggest problem is you don’t have a confirmed secretary,” the former senior DHS official told CNN. “It really sets the tone and the trajectory for the ability to start getting things done.”
Wales said CISA “has actively engaged with the transition team”, including providing 14 briefings focused on the ongoing cyber incident. “We are committed to seamlessly integrating new members of the Biden administration into the Agency, while continuing our aggressive efforts to understand and respond to this complex cyber campaign,” he said in a statement Friday. at CNN.
Given how long the adversary has had access to certain networks, remediation – both short-term and long-term reconstruction – will be a protracted process, a CISA official told CNN.
CISA has already provided ideas to the Biden team to help evolve federal cybersecurity and overcome the challenges identified by the latest incident. The suggestions, the official said, include: funding CISA to drive out adverse activity on federal networks; the deployment of new sensors within federal agencies to detect abnormal activity; and improvements to the visibility of the cloud environment, such as Office 365.
Officials also plan to create a civilian program similar to the Pentagon model that helps ensure third-party partners meet cybersecurity standards, but that would be a longer-term endeavor, the official said.
[ad_2]
Source link