Changes coming to federal cyber in wake of massive breach

Anne Neuberger briefs the white house press corps feb 17 2021 

Anne Neuberger briefs the White House press corps on Feb. 17, 2021.

The White House today said it is planning "executive action" to address cybersecurity gaps that allowed a breach of nine federal agencies and about 100 private sector companies to persist undetected for months as part of government response to a wide ranging hack involving IT management software SolarWinds and other commercial products.

"We're also working on close to about a dozen things," Anne Neuberger deputy national security advisor for cyber and emerging technology, said in a Wednesday press briefing in the White House. "Likely, eight will pass to be part of an upcoming executive action to address the gaps we have identified in our review of this incident."

Neuberger, who is leading the federal response to the breach, said the intelligence community is continuing to investigate the actors behind the compromise and declined to attribute the attack to any specific country or group.

"Until that study is complete, I will use the language we previously used, which was to say an advanced persistent threat actor likely of Russian origin was responsible," she said.

The press briefing was her first both as deputy national security advisor and the administration's leading official for responding to the multi-agency hack. Much of what she outlined about the incident was previously known through statements from agencies that have publicly acknowledged they were compromised.

Neuberger said the government is currently focused on expelling hackers from federal networks, modernizing federal IT to better protect it against this kind of attack and considering "potential response options to the perpetrators."

The White House has been careful in recent weeks not to provide any forecast of how or when it will respond except to say the president reserves the right to do so in the time and manner of his choosing.

"This isn't the only case of malicious cyber activity of likely Russian origin either for us or for our allies and partners, so as we contemplate future response options, we are considering holistically what those activities were," she said.

Neuberger also acknowledged that other, yet undeclared victims within the government or private sector may emerge as the investigation continues.

About the Author

Justin Katz covers cybersecurity for FCW. Previously he covered the Navy and Marine Corps for Inside Defense, focusing on weapons, vehicle acquisition and congressional oversight of the Pentagon. Prior to reporting for Inside Defense, Katz covered community news in the Baltimore and Washington D.C. areas. Connect with him on Twitter at @JustinSKatz.


  • People
    2021 Federal 100 Awards

    Announcing the 2021 Federal 100 Award winners

    Meet the women and men being honored for their exceptional contributions to federal IT.

  • Comment
    Diverse Workforce (Image: Shutterstock)

    Who cares if you wear a hoodie or a suit? It’s the mission that matters most

    Responding to Steve Kelman's recent blog post, Alan Thomas shares the inside story on 18F's evolution.

Stay Connected