Russian hack against the US government “will take years to overcome,” says former national intelligence official

Susan Gordon, former chief deputy director of National Intelligence, told CNBC that the massive cyberattack targeting federal agencies “will take years to overcome,” as senior intelligence officials report that there is no doubt that the Russians were the culprits and that they are still working on it.

“Information is the force and the target, and attackers will go after it,” said Gordon. “This is a big problem. This is bad for national security, it is bad for the cybersecurity discipline, the professionals and the craft.”

Top agencies, including Homeland Security, Treasury, Commerce, and the National Nuclear Security Administration, were targeted in the month-long security breach. The scope of the Russian hack is broadening and authorities say the attackers entered the systems through a third-party vendor, an IT company called SolarWinds. The Department of Homeland Security’s cybersecurity arm warned governments and “critical infrastructure entities” across the country about the “serious risks” posed by the hack.

Mark Douglas, founder and CEO of adtech company Steelhouse and former vice president of technology at eHarmony, explained how the breach occurred at SolarWinds.

“When a company or agency upgrades their software, ironically for security solutions and other changes, they introduce vulnerability because change carries risks,” Douglas told “The News with Shepard Smith.” “In this case, that update contained the malware that compromised government and commercial systems, and that malware was implanted in the updates by the hackers.”

James Carder, LogRhythm’s chief security officer, added that third-party vendors are “low-hanging fruit” for the country’s adversaries to attack and take control of their primary targets, government agencies.

“With the proliferation of attacks against third-party providers, smaller technology companies with large-scale use and access to a full customer base, including public and commercial companies, that do not employ the best cybersecurity, are at the same risk as they have ever been,” said Carder.

DHS said the security breach involved multiple tactics and warned, “CISA has evidence of additional initial access vectors, other than the SolarWinds Orion platform, but these are still under investigation.”

Gordon told host Shepard Smith that more resources should be spent supporting cybersecurity in organizations because no matter how people choose to communicate, they will be vulnerable. She added that leadership is part of fighting and dealing with these types of attacks.

“We need the president to face the attack on the nation,” said Gordon.

President Donald Trump has not yet addressed the attack publicly. President-elect Joe Biden issued a statement on Thursday that he will work to punish those responsible for the attack and make cybersecurity “necessary”.

“I want to be clear: my government will make cybersecurity a top priority at every level of government – and we will make tackling this breach a top priority from the moment we take office,” Biden said.

Douglas stressed the importance of the government’s role in cybersecurity.

“Obviously, we can do more to prevent hacking, which is almost always the first vulnerability. There is a need to re-ensure that every software company using the government is secure against hacking.”
