Senators: U.S. response to huge SolarWinds hack has been ‘disjointed and disorganized’
Senators #Senators
© Provided by NBC News
WASHINGTON — The U.S. government’s response to a massive hack of government and corporate networks has been “disjointed and disorganized,” according to the leaders of the Senate Intelligence Committee, who are urging the Biden administration to appoint someone to lead the effort.
In a letter made public Tuesday, Democrat Sen. Mark Warner of Virginia, who chairs the committee, and Marco Rubio of Florida, the ranking Republican, said that the federal response to what U.S. officials say was a hack by a Russian intelligence agency “has lacked the leadership and coordination warranted by a significant cyber event, and we have little confidence we are on the shortest path to recovery.”
Experts say it make take months to oust the hackers from government networks, and the senators added that the threat the breach continues to pose to the country demands a single leader “who has the authority to coordinate the response, set priorities, and direct resources to where they are needed.”
Romney: Russia hack ‘demands a response’
SHARE
SHARE
TWEET
SHARE
Click to expand
UP NEXT
A White House national security spokeswoman did not immediately respond to a request for comment.
What has been commonly called the SolarWinds hack was first reported Dec. 13, when officials said hackers believed to be working for the Russian SVR spy agency compromised SolarWinds software that is used by most Fortune 500 companies and much of the federal government.
Since then, corporate and government officials have said that the hackers used other methods of entry by exploiting software made by Microsoft and VMWare.
Although as many as 18,000 entities downloaded compromised SolarWinds software that made them vulnerable, the hackers are believed to have gained entry to the networks of a select group of targets, including the Departments of Defense, State, Energy, Justice and the Treasury, and the cybersecurity firm FireEye.
Current and former intelligence officials tell NBC News they consider the hack an espionage operation, but some say the scale and methods — compromising the so-called software supply chain in a way that made thousands of networks vulnerable — were larger and more indiscriminate than what the U.S. would do in its cyber spying efforts. Nonetheless, there are no international rules for espionage, and it’s not clear how the Biden administration intends to respond to penalize Russia, or if it will do so at all.
The U.S. government’s internal response to the hack may have been hampered in part because the top cybersecurity official, Christopher Krebs, was fired in November by President Donald Trump after he publicly rejected Trump’s false claims of election fraud.
Trump downplays cyberattack on federal agencies
SHARE
SHARE
TWEET
SHARE
Click to expand
UP NEXT
Additionally, a presidential transition is generally a difficult time for the government to take swift and decisive action, because top officials leave office and new appointees take time to get acclimated.
“The briefings we have received convey a disjointed and disorganized response to confronting the breach,” Warner and Rubio said in their letter, which was addressed to Director of National Intelligence Avril Haines, National Security Agency Director Gen. Paul Nakasone, FBI Director Christopher Wray, and Cybersecurity and Infrastructure Security Agency Acting Director Brandon Wales.