The U.S. officials are also trying to uncover the full extent of the probable Russian hack that gives full access to data and emails from at least nine government departments and over 100 private firms to the “sophisticated” actor behind the breach, the top White House cybersecurity official said Wednesday.
Anne Neuberger, the recently named Deputy National Cyber and Emerging Technology Security Advisor, has cautioned that the danger has not passed because hackers have infiltrated technology company networks whose devices may be used to initiate further intrusions.
It will take some time for a task force to examine the magnitude of the harm from the hack, analyze possible responses and attempt to confirm the identity of whoever was behind it, a procedure warned by Neuberger.
She told reporters at the White House, “This is a sophisticated actor who did their best to hide their tracks.” We think this compromise took them months to prepare and implement. It’s going to take some time for us to discover this layer by layer.
The violation, discovered in December, appears to be the work of Russian hackers, U.S. authorities have said. Neuberger, a retired senior National Security Agency official who was named this month by President Joe Biden, did not go any further.
“Without providing any further details and sounding a cryptic note on potential responses, she said, “An experienced, persistent threat actor likely to be of Russian origin was responsible.
“This is not the only case, either for us or for our allies and partners, of malicious cyber activity of probable Russian origin,” Neuberger said. “So, we are holistically considering what those activities were, as we consider future response options.”
The Russian government has denied participation.
FireEye, a private security firm, was the first to identify the breach, discovering that hackers hijacked SolarWinds Inc.’s commonly used network software to deploy malicious software during a standard security upgrade.
The breach was not identified by intelligence institutions because they largely had “no visibility into private-sector networks,” and it was launched within the United States, Neuberger said. She noted that the Biden administration advocates improvements to “culture and authorities” that stopped the hack from being discovered on federal civilian networks.
The hack, Neuberger said, highlights the need to modernize the IT infrastructure of the nation and its cyber defenses, problems that will be discussed in a forthcoming Biden executive order to resolve security and technology vulnerabilities highlighted by the breach.
Several departments, including the Treasury Department and the Justice Department, have acknowledged that they have been violated, but the entire list has not been officially available. When inside, the hackers had complete access to the data of the victims.
“The methods used lead us to believe that it is likely that any files or emails on a compromised network will be compromised,” Neuberger said.
The response has been opposed by some members of Congress based on what they have been briefed so far, all in secret. “Sen. Mark Warner, a Democrat from Virginia, and Sen. Marco Rubio, a Republican from Florida, said in a recent letter to the White House, “The briefings we have got convey a disjointed and disorganized approach to confronting the breach.
Neuberger said she expected in the coming days to travel to the Capitol to brief legislators.