SolarWinds’ cyberattack, about two years ago, represented a new level of hacking sophistication, highlighting the need for the government and the private sector to work together to strengthen the country’s online resilience, the top US cyber defense officer said. Wednesday.
In a panel discussion at the RSA conference, CISA Director Jen Easterly noted that the attack, which allowed Russian hackers to insert malicious code into US IT, was discovered by the private sector cybersecurity firm then known as FireEye, not by government. CISA is the Cybersecurity and Infrastructure Security Agency, the federal agency responsible for protecting the country from cyber threats.
“We certainly can’t do it alone,” Easterly said. “Frankly, since most infrastructure is privately owned…tech companies are more likely to see threats than governments.”
The SolarWinds attack, which US intelligence officials say likely originated in Russia, was discovered in late 2020, but is said to have started as early as March of that year. Hackers broke into systems at IT software provider SolarWinds and added malicious software to an update to the company’s popular Orion products.
Thousands of SolarWinds customers then installed the compromised update, giving the hackers access to their systems. Federal agencies, major tech companies and hospitals were among the targeted organizations, although SolarWinds claims only a few of those affected actually suffered damage. The Russian government denies involvement in the attack.
Sudhakar Ramakrishna, who became CEO before the hack was discovered but only started in that role afterwards, said the company’s response to the “incredibly sophisticated and incredibly new” attack was unusual because the company emphasized transparency. It took off right away, working continuously with detectives and the government, and communicating with its customers and employees.
He added that there are no magic bullets for dealing with these types of attacks, but it did provide an opportunity to learn how to improve security and respond better if something like this ever happened again.
Easterly said she thinks SolarWinds’ biggest lesson is that cybersecurity should become a national priority, something she says she is.†
“We also need to be able to communicate it in a way that people understand what to do to protect themselves,” she said, adding that sometimes the tech industry isn’t very good at the communication part.