News: The Director of National Intelligence, the Department of Justice and others led the White House in launching an emergency cybersecurity program

The National Security Council has activated an emergency cybersecurity program to help the government plan its response and recovery efforts in the wake of the SolarWinds breach, according to White House officials and other sources.

A former NSC official told CyberScoop that the move showed how seriously the Trump administration was taking foreign espionage operations.

The action stems from a presidential directive known as PPD-41, which created a unified Network Coordination Group (UCG) to help the U.S. government coordinate multiple agencies in response to major hacking incidents.

The Cyber Coordinating Group is generally led by the Department of Justice — through the FBI and the Joint National Cyber Investigation Task Force — as well as the Director of National Intelligence and the Department of Homeland Security.

“This is the type of cyber attack threat I worried about when I was in the White House, a nation-state threat infecting the software supply chain. Now it has come, and it has affected not only the U.S. government, and some of the most sensitive interests of the United States government, but also private sector organizations,” Anthony J. Ferrante, the former National Security Council director for network incident response, told CyberScoop.

The reported breach at SolarWinds — where hackers hid malware in software updates from SolarWinds, a company that provides services to the US government and private sector entities — compromised targets at the National Institutes of Health and the Departments of Commerce, Treasury, Defense, State and Homeland Security.

The vulnerability is still under investigation, but early indications are that the scope of the invisible supply chain attack will produce substantial aftershocks. SolarWinds claims to have 300,000 customers, including entities from the National Security Agency and all five branches of the US military, as well as the health, technology, telecommunications, media and finance sectors.

The team will likely try to mitigate the threat and assess the damage as more victims emerge, said Michael Daniel, a former cybersecurity coordinator.

“This series of activities involves long-term planning, considerable resources and a great deal of patience. The precision, careful traditional craftsmanship and attention to detail reveal the complexity of technology and organization,” said Daniel, who now serves as president and CEO of the Cyber Threat Alliance. Since the event affected a large number of federal agencies, it made sense to use the PPD-41 framework to manage the response. “The U.S. government needs to understand the extent of the intrusion, the scope of information that may be available, and the damage that could be caused by such theft.”