A top White House official said a dispersed cyber-attack was executed from within the United States. It compromised popular software created by Texas-based SolarWinds Corp. Point to be noted that the US government believes Russia was behind the attack. The US federal investigation of the hack would take several months. Deputy National Security Advisor Anne Neuberger issued a press statement and said, “As of today, 9 federal agencies and about 100 private-sector companies were compromised”. But, she didn’t identify them and said the government hasn’t ruled out the possibility of further victims. Neuberger said the government believes it’s still at the beginning stages of understanding the scope and scale of the attack. The alleged attack was publicly discovered in December but was supposedly executed months earlier.
Neuberger added, “The hackers launched the hack from inside the United States which further made it difficult for the US government to observe their activity”. She is leading the US response to the SolarWinds attack. She previously served as NSA’s first Chief Risk Officer, as Director of NSA’s Commercial Solutions Center, as Director of Enduring Security Framework’s cybersecurity public-private partnership, as the Navy’s Deputy Chief Management Officer, and as a White House Fellow. Neuberger led NSA’s election security effort and served as Assistant Deputy Director of NSA’s Operations Directorate, overseeing foreign intelligence and cybersecurity operations. She also served as the National Security Agency’s Director of Cybersecurity and led NSA’s cybersecurity mission. It is noteworthy that the alleged software was used by several government agencies and Fortune 500 companies.
More than 18,000 SolarWinds customers received malicious code through updates to the software. The targets included the federal departments of State, Treasury, Homeland Security, Commerce, and Energy (including its nuclear weapons agency). The US officials said the hackers used other methods to infiltrate networks besides SolarWinds. Neuberger said, “Many of the private sector compromises are technology companies, including networks of companies whose products could be used to launch additional intrusions”. US President Joe Biden delivered a speech on 4th February at the State Department and said, “The US has elevated the status of cyber issues within our government. The US will not hesitate to raise the cost on Russia for the Kremlin’s aggressive behavior, including cyber-attacks”.