Solarwind attack is learning for organizations, here are few warnings before solarwind attack
10 previous cybersecurity warnings before solarwind attack
- The alleged Russian hackers may have already breached the government’s software supply chain, in a brazen attack that targeted federal agencies, technology giants including Microsoft Corp., and cybersecurity companies.
- “The fact is that we have known for a long time that the government is vulnerable,” said Cristina Chaplain, a former director at the Government Accountability Office, which has been harshly critical of U.S. government cybersecurity.
- “A lot of people had a sense that we were still vulnerable to something like this happening.” The GAO has studied government cybersecurity practices and issued approximately 3,000 recommendations in the last decade that agencies could implement to make their networks more secure.
- A more recent GAO report, in December, identified seven basic steps that agencies could take to manage risks specifically related to the digital supply chain – such as developing a process for reviewing suppliers to avoid buying insecure software – and found that these steps were barely practiced across 23 government agencies.
- Representative Mike Gallagher, a Republican from Wisconsin who co-chairs the Cyberspace Solarium Commission, said, “The federal government would have at least detected this sooner and been able to mitigate the damage much more quickly.” Cybersecurity in the U.S. government is divided among several agencies, but protection of computer networks in civilian agencies is largely left to the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, known as CISA, and the agencies themselves.
- “We released an emergency cyber directive to help federal agencies identify whether their networks were exposed to this activity, and within 72 hours of release, 100% of the identified affected devices were taken offline.” Wales added that agency heads are responsible for securing their systems, while CISA’s role is to “Understand enterprise-wide cybersecurity risk and ensure that technical information, detections and remediation guidance are shared swiftly and broadly.” The warnings about cybersecurity risks, and missed opportunities to improve defenses, date back to at least 2003.
- In 2015, the federal government launched a “30-day cybersecurity sprint” after Chinese hackers pulled off an audacious cyber-attack, stealing detailed personal information on 22 million Americans from the U.S. Office of Personnel Management.
- His office requested $3 billion in funding to replace old insecure government systems – a “Patchwork” system forming the “Ultimate vulnerability” for U.S. cybersecurity – but Congress has, to date, only appropriated a fraction of this amount, he said.
- CISA became its own agency within DHS in 2018 – a reorganization that elevated the importance of cybersecurity within the U.S. government.
- Another area of progress, officials and lawmakers say, is the 2021 National Defense Authorization Act, which gave CISA additional authority to test government networks for weaknesses and called for the establishment of a National Cyber Director within the executive branch to coordinate security across the government.