
The December revelation that US government agencies and our largest corporations were exposed to a sophisticated cyberattack wasn’t unexpected, but the breadth of the SolarWinds hack was shocking.
FireEye, a global leader in cybersecurity, said the company has never seen a breach of this scope and magnitude. In a blog post disclosing the attack, FireEye CEO Kevin Mandia wrote, “We are witnessing an attack from a nation with world class offensive capabilities.” It was obvious how serious the situation was.
Then the other shoe dropped. Days after the first report disclosing the breach, we learned that the SolarWinds hack affected thousands more companies than previously thought and is still ongoing.
A series of seemingly harmless software updates invaded our networks and spread like a metastatic cancer undetected for months.
We do not yet fully know which assets in SolarWinds have been compromised. The evaluation will take months or more. It is clear that very few nation-states have the cyber skills required to orchestrate a hack of this sophistication, and SolarWinds bears all the hallmarks of Russian malicious activity.
Malware and cyberattacks are a specialty of Russia and remain its tools of choice because they are cheap to run and can wreak maximum havoc.
In 2007, a massive Russian cyber attack crippled the Estonian government and economy for three weeks. Eight years later, Russia hit Ukraine’s critical infrastructure with a cyber attack that cut off electricity for hundreds of thousands of people.
It is important that we respond with a clear, forceful message to the Russians and anyone else who seeks to harm the United States.
Currently, the SolarWinds hack is viewed as an outrageous act of espionage that steals data and creates unauthorized access to information technology. When it becomes clear that the intrusion is also having an impact on operational technology (the operation of physical processes or systems), this must be viewed as an attack, and the range of potential responses escalates significantly.
Next, we need to move beyond jurisdictional boundaries to develop a national cybersecurity strategy. Once we have identified the vulnerabilities that made this hack possible, we need a comprehensive approach to cybersecurity that will keep the United States one step ahead of its adversaries.
The Idaho National Lab has been at the forefront of this work with its Consequence-driven Cyber-informed Engineering (CCE), which challenges industry and cyber professionals to think like an adversary and to develop techniques that defend our most critical systems by isolating them and limiting opportunities for attack.
While our coordination on these issues has improved in recent years, closer collaboration between the federal government, corporations, national laboratories and our energy sector will combine our greatest strengths to protect our most sensitive systems and information from hostile foreign actors.
Finally, we need a long-term solution to build and maintain a deep bench of cybersecurity professionals. Early exposure to STEM education, computer coding, and cyber curriculum can inspire a whole new generation of students to pursue careers in cyber.
In the meantime, our universities have the opportunity to evolve with the changing workforce to create a pipeline of talented people for fast-paced, well-paid, and highly skilled careers in cybersecurity.
SolarWinds has left us facing one of two eventualities: fall victim to bureaucratic paralysis through analysis, or act decisively to put in place guidelines that ensure America’s cyber dominance for decades. Let it be the latter.
US Senator Jim Risch, R-Idaho, is the senior Republican on the Senate Foreign Relations Committee and a senior member of the Senate Intelligence Committee.