A coalition of federal agencies has been assembled by the National Security Council to investigate the breadth of the recent SolarWinds cyberattack. Russia is believed to have orchestrated the intrusion.
In response to the recent SolarWinds cyberattack, the National Security Council launched a new task force to investigate which federal networks were compromised in the alleged Russian-led cyberattack.
Known as the Cyber Unified Coordination Group (UCG), the group is tasked with identifying the scope of the incident and how to mitigate any potential threats resulting from the hack, according to a joint statement by the National Security Council, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI), and the National Security Agency (NSA).
“At this time, we believe this was, and continues to be, an intelligence-gathering effort,” the statement says. “We are taking all necessary steps to understand the full scope of this campaign and respond accordingly.”
So far, data compiled by UCG estimates that 18,000 public- and private-sector customers of the SolarWinds Orion product have been affected. Of those 18,000 customers, the task force estimates that less than 10 U.S. government agencies fall into this category.
To identify which agencies have been compromised, the FBI, in collaboration with UCG, is working to identify victims, collect and analyze evidence, and share their results with those affected by the attack.
Once identified, according to CISA, government agencies can utilize its suspicious activity detection tool, called Sparrow.ps1, to detect any unusual and potentially malicious cyberactivity and remediate systems while preserving and collecting evidence.
Support for the investigation and implementing other cybersecurity measures is expected to increase in the coming weeks as the Biden-Harris administration takes office.
Last week, President-elect Joe Biden announced the appointment of Anne Neuberger as the deputy national security adviser for cybersecurity within the National Security Council, marking the administration’s first step in re-elevating cybersecurity as a critical national security priority.
In her upcoming role, Neuberger will be responsible for coordinating the federal government’s cybersecurity efforts, with a focus on responding to the SolarWinds cyberattack.
“The Biden-Harris Administration will make cybersecurity a top priority, elevating it as an imperative across the government from day one,” a transition spokesperson said in a statement to Politico. “We will strengthen our partnerships with the private sector, academia and civil society; renew our commitment to international norms and engagement on cyberissues; and expand our investment in the infrastructure and people we need to effectively defend the nation against malicious cyber activity.”
Looking for the latest gov tech news as it happens? Subscribe to GT newsletters.