Changes coming to federal cyber in wake of massive breach

Anne Neuberger briefs the white house press corps feb 17 2021 

Anne Neuberger briefs the White House press corps on Feb. 17, 2021.

The White House today said it is planning "executive action" to address cybersecurity gaps that allowed a breach of nine federal agencies and about 100 private sector companies to persist undetected for months as part of government response to a wide ranging hack involving IT management software SolarWinds and other commercial products.

"We're also working on close to about a dozen things," Anne Neuberger deputy national security advisor for cyber and emerging technology, said in a Wednesday press briefing in the White House. "Likely, eight will pass to be part of an upcoming executive action to address the gaps we have identified in our review of this incident."

Neuberger, who is leading the federal response to the breach, said the intelligence community is continuing to investigate the actors behind the compromise and declined to attribute the attack to any specific country or group.

"Until that study is complete, I will use the language we previously used, which was to say an advanced persistent threat actor likely of Russian origin was responsible," she said.

The press briefing was her first both as deputy national security advisor and the administration's leading official for responding to the multi-agency hack. Much of what she outlined about the incident was previously known through statements from agencies that have publicly acknowledged they were compromised.

Neuberger said the government is currently focused on expelling hackers from federal networks, modernizing federal IT to better protect it against this kind of attack and considering "potential response options to the perpetrators."

The White House has been careful in recent weeks not to provide any forecast of how or when it will respond except to say the president reserves the right to do so in the time and manner of his choosing.

"This isn't the only case of malicious cyber activity of likely Russian origin either for us or for our allies and partners, so as we contemplate future response options, we are considering holistically what those activities were," she said.

Neuberger also acknowledged that other, yet undeclared victims within the government or private sector may emerge as the investigation continues.

About the Author

Justin Katz is a former staff writer at FCW.


  • FCW Perspectives
    remote workers (elenabsl/

    Post-pandemic IT leadership

    The rush to maximum telework did more than showcase the importance of IT -- it also forced them to rethink their own operations.

  • Management
    shutterstock image By enzozo; photo ID: 319763930

    Where does the TMF Board go from here?

    With a $1 billion cash infusion, relaxed repayment guidelines and a surge in proposals from federal agencies, questions have been raised about whether the board overseeing the Technology Modernization Fund has been scaled to cope with its newfound popularity.

Stay Connected