Search Results for: SolarWinds

Gen. Paul Nakasone: FireEye Helped Expose Foreign Adversary in SolarWinds Incident

Gen. Paul Nakasone

Gen. Paul Nakasone, head of U.S. Cyber Command and a five-time Wash100 Award recipient, said critical data provided by a threat intelligence firm enabled the Department of Defense to immediately act and block adversaries from compromising federal networks and exploiting targets in 2020. Nakasone also discussed the threat posed by ransomware to critical infrastructure.

Read More »

U.S. Spy Agencies Review Software Supplier Ties to Russia Following SolarWinds Hack

John Demers

John Demers, assistant attorney general for national security at the Department of Justice, said the FBI and other intelligence agencies launched a review of vulnerabilities originating from software suppliers that have ties with Russia to determine if there is "back-end software design and coding" that makes intrusions into U.S. companies possible.

Read More »

Bob Kolasky: CISA Gains Insight Into 2020’s SolarWinds Cyber Attack

Bob Kolasky

Bob Kolasky, assistant director of the Cybersecurity and Infrastructure Security Agency's (CISA) National Risk Management Center (NRMC), said his team has studied the software risks associated with last year's SolarWinds hack. SolarWinds was a Russian malware attack that affected Orion software in multiple federal agencies. Kolasky said NRMC assessed SolarWinds-related software risks over a span of four months.

Read More »

House Lawmakers Ask Agencies to Provide More Details on SolarWinds Hack

Data-Centric Security

A group of bipartisan House lawmakers sent letters to heads of federal agencies requesting more information related to the SolarWinds cyberattack. Lawmakers also want to know how agencies evaluate vendors for cybersecurity risks and whether they have a specific plan in place to reduce the risks of future supply chain attacks.

Read More »

Gen. Paul Nakasone on CYBERCOM’s Response to SolarWinds Breach, ‘Defend Forward’ Concept

Gen. Paul Nakasone

Gen. Paul Nakasone, commander of U.S. Cyber Command (CYBERCOM) and a 2021 Wash100 Award recipient, said CYBERCOM continues to play a “key role” in the U.S. government’s ongoing response to the SolarWinds hack. He also mentioned in his speech the cyber threats posed by Russia, China, Iran and North Korea and the importance of partnerships with the U.S. private sector and foreign allies.

Read More »

Anne Neuberger: White House to Issue Executive Order in Response to SolarWinds Cyber Incident

Anne Neuberger

Anne Neuberger, deputy national security adviser for cyber and emerging technology and a 2021 Wash100 Award winner, said the White House is working on an executive order in response to the SolarWinds cyber breach. Neuberger said the cyber incident impacted approximately 100 companies and nine federal agencies. She cited the need to address challenges to achieving greater visibility amid the hacking campaign.

Read More »

Sens. Mark Warner, Marco Rubio Want ‘Clear Leader’ to Manage Response to SolarWinds Cyber Breach

Supply Chain Security

Sen. Mark Warner, D-Va., chairman of the Senate Select Committee on Intelligence, and Sen. Marco Rubio, R-Fla., the committee’s vice chairman, have called on leaders of intelligence agencies and the Cybersecurity and Infrastructure Security Agency (CISA) to designate an official to oversee the country’s response to the SolarWinds cyber incident.

Read More »

Report: Suspected Chinese Hackers Targeted U.S. Payroll Agency Via Separate Bug in SolarWinds Orion Code

Cyber Attack

A group of suspected Chinese hackers used a vulnerability in SolarWinds software to breach U.S. government networks and a payroll agency within the U.S. Department of Agriculture (USDA) - National Finance Center (NFC) - was one of the government organizations affected by the cyber attack. The NFC oversees the payroll of several federal agencies, including the FBI and the departments of the Treasury, State and Homeland Security, according to former officials. 

Read More »

Cybercom Deploys Cyber Defense Teams After SolarWinds Attack

FISMA Reform Legislation

U.S. Cyber Command (USCYBERCOM) has deployed teams of cyber professionals to assess military networks following a recent attack attributed to SolarWinds software. Andrew Hall, former director of the U.S. Army Cyber Institute, noted that the DOD must think of the cyber attack from both defensive and offensive positions. Experts have noted that assessing the extent of damages form any cyber attack could span months

Read More »

Investigators Say 30% of Victims of Alleged Russian Hack Do Not Run SolarWinds Software; Acting CISA Director Brandon Wales Quoted

Data-Centric Security

The Cybersecurity and Infrastructure Security Agency (CISA) and corporate investigators said they believe the operation of cyber attackers allegedly linked to Russia extended far beyond compromising SolarWinds’ Orion software and found that about 30 percent of victims in the private and government sectors were not using the software, The Wall Street Journal reported Friday.

Read More »