US Cyber Security To Get A Much Needed Upgrade

Uploaded on 2021-03-03 in NEWS-Cybersecurity News, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

US government officials are quickly moving to upgrade national cyber defenses following a sweeping hack that exposed government and corporate secrets to Russia. Top national security agencies confirmed that Russia was likely responsible for a massive hack of US government departments and corporations. They have now rejecting President Donald Trump’s claim that China should be blamed. 

Now the  US government are scrambling to reinforce the nation’s cyber defenses and recognising that the Cybersecurity & Infrastructure Security Agency (CISA), an agency created two years ago to protect America’s networks and infrastructure, lacks the money, tools and authority to counter such sophisticated threats.

The breach, which hijacked widely used software from Texas-based SolarWinds Inc., has exposed the profound vulnerability of civilian government networks and the limitations of efforts to detect threats. “It’s really highlighted the investments we need to make in cybersecurity to have the visibility to block these attacks in the future,” Anne Neuberger, the newly appointed deputy national security adviser for cyber and emergency technology said at a White House briefing.

The reaction reflects the severity of a hack that was disclosed only in December. The hackers, as yet unidentified but described by officials as “likely Russian,” had unfettered access to the data and email of at least nine US government agencies and about 100 private companies, with the full extent of the compromise still unknown. 

While this incident appeared to be aimed at stealing information, it heightened fears that future hackers could damage critical infrastructure, like electrical grids or water systems.

President Biden plans to release an executive order soon that Neuberger said will include about eight measures intended to address security gaps exposed by the hack. The US administration has also proposed expanding by 30% the budget of the US Cybersecurity and Infrastructure Agency, or CISA, a little-known entity now under intense scrutiny because of the SolarWinds breach.

Republicans and Democrats in Congress have called for expanding the size and role of the agency, a component of the Department of Homeland Security. It was created in November 2018 amid a sense that US adversaries were increasingly targeting civilian government and corporate networks as well as the “critical” infrastructure, such as the energy grid that is increasingly vulnerable in a wired world.

President Biden proposes to invest $9 billion to modernise IT across the government in partnership with the General Services Administration and this additional funding for is likely to emerge in forthcoming infrastructure legislation.

CISA operates a threat-detection system known as “Einstein" that was unable to detect the SolarWinds breach. Brandon Wales, CISA's acting director, said that was because the breach was hidden in a legitimate software update from SolarWinds to its customers. After it was able to identify the malicious activity, the system was able to scan federal networks and identify some government victims. “It was designed to work in concert with other security programs inside the agencies,” he said.

The former head of CISA, Christopher Krebs, told the House Homeland Security Committee this month that the U.S. should increase support to the agency, in part so it can issue grants to state and local governments to improve their cybersecurity and accelerate IT modernization across the federal government, which is part of the Biden proposal. “Are we going to stop every attack? No. But we can take care of the most common risks and make the bad guys work that much harder and limit their success,” said Krebs, who was ousted by then-President Trump now co-owns a consulting company whose clients include SolarWinds.

The breach was discovered in early December by the private security firm FireEye, a cause of concern for some officials.
“It was pretty alarming that we found out about it through a private company as opposed to our being able to detect it ourselves to begin with,” Avril Haines, the director of National Intelligence, said at her January confirmation hearing.

The US Treasury and Commerce departments are among the agencies known to have been affected and dozens of Treasury Department email accounts were compromised including supposedly secure systems used by the department’s highest-ranking officials.

Microsoft said in a blog it has identified more than 40 compromised government and private targets of the same hackers, including its own systems,and that the hackers were able to view some of the source code underlying the company’s software, but weren’t able to make any changes to it.

The US Social Security Administration hired FireEye to do an independent forensic analysis of its network logs. The agency had a “backdoor code” installed like other SolarWinds customers, but “there were no indicators suggesting we were targeted or that a future attack occurred beyond the initial software installation,” according to FireEye. A senior executive of FireEye, Charles Carmakal has said recently that “dozens of incredibly high-value targets” have been infiltrated by elite, state-backed hackers, although he did  not name the targets.

Microsoft:          SEC:         US News:      NBC:         VOA:      ABC:      AVPress:   

You Might Also Read: 

A Successful Solar Winds Investigation:

« Five Steps For Managing EdTech Security Risks
Properly Securing Your Cloud System »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Freshfields Bruckhaus Deringer

Freshfields Bruckhaus Deringer

Freshfields Bruckhaus Deringer is a global law firm with a track record of successfully supporting the world's leading corporations, financial institutions and governments.

softScheck

softScheck

softScheck is an IT security consultancy. Services range from pentesting and compliance testing to security auditing of software and IT infrastructure.

STMicroelectronics

STMicroelectronics

ST is a global semiconductor leader delivering intelligent and energy-efficient products and solutions that power the electronics at the heart of everyday life.

Echoworx

Echoworx

Echoworx primary and exclusive focus is providing organizations with secure email services.

Digiserve

Digiserve

Digiserve by Telkom Indonesia is an end-to-end managed solutions provider committed to empowering enterprises in Indonesia.

Network Integrated Business Solutions (NIBS)

Network Integrated Business Solutions (NIBS)

NIBS is an IT services provider offering a range of services with the aim of simplifying and securing technology.

Heidrick & Struggles International

Heidrick & Struggles International

Heidrick & Struggles is a premier provider of leadership consulting and senior-level executive search services for roles including Information & Technology Officers and Cybersecurity.

BugDazz

BugDazz

BugDazz pentest as a service (PTaaS) platform helps bringing in real-time results, detail coverage, & easy remediation workflows with compliance-ready reports.

Vala Secure

Vala Secure

Vala Secure is a cybersecurity and compliance consultancy that always stays ahead of regulations, future threats and ever-changing security environments.

Clarabot Nano

Clarabot Nano

Nano is the secure file sharing tool to improve content search, data access and collaboration between multiple parties.

Assured Clarity

Assured Clarity

Assured Clarity are a global consultancy, specialising in Risk Management and Data Privacy, through Education, Awareness and Training, throughout an organisation.

HTL Support

HTL Support

HTL Support, your trusted partner for comprehensive IT support in London. We specialize in delivering top-tier IT solutions tailored to both large enterprises and small businesses.

SecurityBridge

SecurityBridge

SecurityBridge provide a cybersecurity connection between our customers’ IT departments, the forward-facing business services, and their SAP applications.

IDVerse

IDVerse

IDVerse is focused on making user verification effortless through technology. We build intelligent tools that protect users from identity fraud while enabling a seamless user experience.

SafeLiShare

SafeLiShare

SafeLiShare’s data security platform unifies encryption strategies for organizations with hybrid and multi-cloud infrastructures, ensuring data is secure regardless of its location.

SUCCESS Computer Consulting

SUCCESS Computer Consulting

SUCCESS Computer Consulting is a leader in managed IT and security services for small and medium-sized businesses in Minneapolis, St. Paul, and the surrounding Twin Cities Metro area.