Cybersecurity

Changes coming to federal cyber in wake of massive breach

Anne Neuberger briefs the white house press corps feb 17 2021 

Anne Neuberger briefs the White House press corps on Feb. 17, 2021.

The White House today said it is planning "executive action" to address cybersecurity gaps that allowed a breach of nine federal agencies and about 100 private sector companies to persist undetected for months as part of government response to a wide ranging hack involving IT management software SolarWinds and other commercial products.

"We're also working on close to about a dozen things," Anne Neuberger deputy national security advisor for cyber and emerging technology, said in a Wednesday press briefing in the White House. "Likely, eight will pass to be part of an upcoming executive action to address the gaps we have identified in our review of this incident."

Neuberger, who is leading the federal response to the breach, said the intelligence community is continuing to investigate the actors behind the compromise and declined to attribute the attack to any specific country or group.

"Until that study is complete, I will use the language we previously used, which was to say an advanced persistent threat actor likely of Russian origin was responsible," she said.

The press briefing was her first both as deputy national security advisor and the administration's leading official for responding to the multi-agency hack. Much of what she outlined about the incident was previously known through statements from agencies that have publicly acknowledged they were compromised.

Neuberger said the government is currently focused on expelling hackers from federal networks, modernizing federal IT to better protect it against this kind of attack and considering "potential response options to the perpetrators."

The White House has been careful in recent weeks not to provide any forecast of how or when it will respond except to say the president reserves the right to do so in the time and manner of his choosing.

"This isn't the only case of malicious cyber activity of likely Russian origin either for us or for our allies and partners, so as we contemplate future response options, we are considering holistically what those activities were," she said.

Neuberger also acknowledged that other, yet undeclared victims within the government or private sector may emerge as the investigation continues.

About the Author

Justin Katz covers cybersecurity for FCW. Previously he covered the Navy and Marine Corps for Inside Defense, focusing on weapons, vehicle acquisition and congressional oversight of the Pentagon. Prior to reporting for Inside Defense, Katz covered community news in the Baltimore and Washington D.C. areas. Connect with him on Twitter at @JustinSKatz.


Featured

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

  • Workforce
    online collaboration (elenabsl/Shutterstock.com)

    Federal employee job satisfaction climbed during pandemic

    The survey documents the rapid change to teleworking postures in government under the COVID-19 pandemic.

Stay Connected