[ad_1]
RICHMOND, Va. (AP) — An important part of President Joe Biden’s plans to combat major ransomware attacks and digital espionage campaigns: creating an expert panel that will investigate major incidents to see what went wrong and try to prevent problems from happening again – as a transportation security board does with plane crashes. .
But eight months after Biden signed an executive order creating the Cybersecurity Review Board, it’s still not set up. This means critical missions are yet to be completed, including investigating the massive SolarWinds espionage campaign discovered more than a year ago. Russian hackers stole data from several federal agencies and private companies.
Some supporters of the new board say the delay could harm national security and comes amid growing concerns about a potential conflict with Russia and Ukraine, which could include nation-state cyberattacks. The FBI and other federal agencies recently issued advice on the methods and techniques of Russian state hackers — specifically targeting critical infrastructure such as utilities.
“If it takes us about a year to simply organize a group to investigate major breaches like SolarWinds, we’ll never be able to get ahead of these threats,” said Mark Warner, a Virginia Democratic Senator who leads the Senate Intelligence Committee. “Such a delay is detrimental to our national security and I urge the administration to expedite its process,” he said.
Biden’s order, signed in May, gives the board 90 days to investigate the SolarWinds hack after it’s installed. However, there is no timetable for creating the board itself, a task assigned to Department of Homeland Security Secretary Alejandro Majorkas.
In response to questions from the Associated Press, DHS said in a statement it was well ahead of establishing it and expected a “near-term announcement”, but did not address why the process was taking so long.
Scott Shackelford, head of the cybersecurity program at Indiana University and advocate for creating a cyber review board, said doing a rigorous study of what happened in a past attack like SolarWinds is one way to help prevent similar attacks.
“Oh my God, it’s taking a long time to continue,” Shackelford said. “It is certainly a bygone time when we can see some positive benefits from standing up.”
The Biden administration has made improving cybersecurity a top priority and has taken steps to bolster defense, but this isn’t the first time lawmakers have been unhappy with the pace of progress. Last year, some lawmakers complained that the administration was taking too long to appoint a national cyber director, a new position created by Congress.
SolarWinds hacked exploits of vulnerabilities in its software supply chain system and went undetected for most of 2020 despite compromises at a large federal agency and dozens of companies, primarily telecommunications and information technology providers. The name of the hacking campaign, SolarWinds, comes from the US software company whose product was exploited in the first phase infection of this effort.
The attack highlighted the Russians’ ability to hit high-level targets. The AP previously reported that SolarWinds hackers gained access to emails belonging to then-serving Homeland Security Secretary Chad Wolf.
The Biden administration has kept many details of the cyberespionage campaign secret.
The Justice Department, for example, said in July that at least one employee’s email account was compromised during the hacking campaign of 27 US law firms nationwide. He did not elaborate on what kind of information was received and what impact such an attack could have on pending lawsuits.
According to a former senior official who briefed about the hack, New York-based staff of the DOJ Antitrust Division had files stolen by SolarWinds hackers, according to a former official who was not authorized to speak publicly about the issue and requested anonymity. This violation was not previously reported. The Antitrust Unit investigates private companies and provides access to highly sensitive corporate data.
The federal government has taken over the investigations of the SolarWinds hack. The Government Accountability Office released a report this month on the SolarWinds hack and another major hack that sometimes found it to be a slow and difficult process for sharing information between government agencies and the private sector, the National Security Council also conducted a review on SolarWinds. Hack last year, according to GAO report.
But former National Transportation Security Board chairman Christopher Hart, who advocates the creation of a cyber review board, said the new board’s independent and thorough review of the SolarWinds hack could identify unsightly vulnerabilities and issues others may have overlooked. .
“Most of the accidents that the NTSB actually pursues… are accidents that come as a surprise even to safety experts,” Hart said. “They weren’t really obvious things, they were things that took some really deep research to figure out what went wrong.”
[ad_2]
Source link