Top White House Official Says US Cyber Deterrent Not Strong Enough

MakeUseOf

By Gavin Phillips

Published Apr 25, 2021

The comments come in the wake of US sanctions against the Russian government.

A top White House official believes the Biden Administration hasn't gone far enough to expel Russian hackers from government networks in the wake of the SolarWinds attack. Deputy national security advisor Anne Neuberger also contends that the attackers responsible for SolarWinds are likely active somewhere on US government networks, though understandably couldn't elaborate on those claims.

SolarWinds Might Be Over, But The Threat Isn't Gone

The comments from Neuberger come after President Biden announced sweeping sanctions on Russia concerning Moscow's involvement with the enormous SolarWinds attack, as well as attempts at influencing the 2020 US Presidential election and ongoing occupation of Crimea.

Two CNN sources familiar with SolarWinds informed the news outlet that attackers from Russia's SVR intelligence agency (the equivalent to the CIA in the US) likely remain active in US networks, despite ongoing efforts to patch the vulnerabilities that led to the SolarWinds exploits.

In response, Neuberger said:

To really shape a country's use of cyber, you have to shape the calculus they use on the value and the cost. The SVR is a sophisticated, persistent actor. They play a role as part of Russia's intelligence collection, as part of their malign influence mission. And we know that to shape that calculus is not going to be one action.

Furthermore, Neuberger said that the US government review into SolarWinds revealed "significant gaps" in US cybersecurity defense and that existing strategies to mitigate nation-state threats aren't working "because we see a growth in [Russian] cyber activity."

Ongoing persistent threats from state-sponsored hackers are nothing new.

But since SolarWinds swept through major tech companies and numerous US government agencies, we've also seen further nation-state attacks. First, on Microsoft Exchange Servers from a group with strong links to the Chinese government and another on the widely used Pulse Connect Secure software, which a Home Security advisory directive revealed started around a year ago.

I think what surprised me the most was, as we did the review of SolarWinds, seeing the significant gaps across federal government cybersecurity and the need for rapid, effective modernization

SolarWinds Attack Has Lasting Legacy on US Cybersecurity Policy

The geopolitical impact of SolarWinds is still ongoing. As per Neuberger's comments, she is yet to see a change in Russian activity. Many suspect that the situation will not change, especially while US government cyber-defense needs some serious improvements by her own admission.

For now, all eyes remain on the Biden Administration and their ongoing response to the persistent threats facing the country, all while attempting to repair damage levied on CISA by the previous administration.