President Biden’s Cyber Dilemma

The Biden administration is grappling with two major cyber incidents in its first 50 days in office, underscoring the challenge the new White House faces from foreign actors. Russia and China are suspected in the two incidents, which may have compromised thousands of federal, state and private groups for long periods of time before discovery. The effect has been to move cyber security up the list of the administration’s priorities.

Russia has expressed its alarm after it was reported the United States was planning a series of covert counter-attacks on Russian networks, saying such strikes would amount to cyber crimes.

The US security level is being raised probably because of the recent attacks on the US government systems and these US attacks may also be focused on the Chinese and Russian hackers because of the amount of hacks on Microsoft Exchange is now thought to be tens of thousands of organisations that have probably been cyber attacked and compromised. The hackers have used previously unknown flaws in the email software to steal information and data.  Microsoft has said the attackers are "state-sponsored and operating out of China". And now it looks like other hackers are also attacking these systems.   

The hacking group known as Hafnium breached as many victims they could find across the global Internet, leaving behind backdoors to return to later. This follows the recent SolarWinds cyber hacks, linked to Russia, that affected multiple US government departments and other organisations.

US national security adviser Jake Sullivan wrote on Twitter,“We are closely tracking Microsoft’s emergency patch for previously unknown vulnerabilities in Exchange Server software and reports of potential compromises of US think tanks and defense industrial base entities. We encourage network owners to patch ASAP.” 

One US senator has described the SolarWinds attack as an "act of war", but what options President Biden has is not obvious..

That these cyber attacks by potentially hackers backed by governments is a real problem for the Biden administration and will likley result in US Cybercommand being directed to step up hacking into adversary systems to find out what they are doing and stopping operations against the US before they are unleashed.

The US has often considered espionage as then stealing of information as acceptable, because it practised it extensively, as whistleblower Edward Snowden revealed in 2013 and these attacks and the response may fit into the same category. President Biden is launching an emergency taskforce to address an aggressive cyber-attack that has affected hundreds of thousands of Microsoft customers around the world, the second major hacking campaign to hit the US since the election.

The first major move is expected over the next three weeks, officials said, with a series of clandestine actions across Russian and Chinese networks.  

White House press secretary Jen Psaki warned anyone running the affected Exchange servers to implement Microsoft's patch for the vulnerabilities immediately. "We are concerned that there are a large number of victims and are working with our partners to understand the scope of this... Network owners also need to consider whether they have already been compromised and should immediately take appropriate steps."

The task of cleaning up the hackers' tens of thousands of infections may be, that early detection may give victims a chance to both patch their systems and remove the hackers before they can take advantage of their foothold inside organisations.

The Hill:      New York Times:   Wired:      Guardian:       Yahoo:     Jake Sullivan:       BBC

You Might Also Read: 

Solving Mr. Biden’s Wicked Cyber Problem:

 

« Cyber Security For The Internet of Medical Things
British Schools & Universities Suffer Attacks »

Perimeter 81

Directory of Suppliers

WEBINAR: How To Build A Security Observability Strategy In AWS

WEBINAR: How To Build A Security Observability Strategy In AWS

Thursday, Apr 22, 2021 - Join this webinar to learn how to build a security observability strategy in AWS, covering cloud-native monitoring sources, guardrails, and automation capabilities.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

eBook: Practical Guide to Security in the AWS Cloud

eBook: Practical Guide to Security in the AWS Cloud

AWS Marketplace would like to present you with a digital copy of the new book, Practical Guide to Security in the AWS Cloud, by the SANS Institute.

Conference-Service.com

Conference-Service.com

Conference-Service.com provides a categorised calendar of conferences and events which includes Information Security.

Wooxo

Wooxo

Wooxo provides business security and continuity solutions to protect business data for organisation of all sizes.

KPN

KPN

KPN is a leading supplier of ICT services including Cyber Security, Identity & Privacy, Secure Communications and Business Continuity.

EverC

EverC

EverC (previously EverCompliant) is a leading provider of cyber intelligence that allows acquiring banks and payment service providers (PSP) to manage cyber risk.

Data Recovery Doctor

Data Recovery Doctor

Data Recovery Doctor provides data recovery and computer forensics services to business users and private customers throughout the UK.

Tenfold Security

Tenfold Security

Tenfold is the unique, centralized platform for managing user and permissions efficiently and automatically.

Labs/02

Labs/02

Labs/02 is a seed-stage incubator with a mission to advance cutting-edge technology in innovative areas including AI, deep learning, autonomous transportation, and smart cities.

UMBRA

UMBRA

UMBRA is solely concerned with protecting governments against Nation State attacks. We are not a consumer or enterprise company.