Krebs: SolarWinds Cyberattack ‘Happened On My Watch’
Former senior cybersecurity official Christopher Krebs said Sunday that the cyberattack against SolarWinds technology, which caused a breach of U.S. government systems, “happened on my watch.”
Krebs, who prior to his recent dismissal by President Donald Trump served as director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) told CNN’s Jake Tapper that he believes the wide-scale cyberattack was conducted by Russia and was possible because of a “seam” in defenses.
SolarWinds technology is used by all five branches of the U.S. military, numerous government agencies and hundreds of Fortune 500 companies. The SolarWinds Orion platform was compromised.
Citing mega hack, lawmakers urge Trump to sign defense bill full of cyber protections December 18, 2020
Surrounded by Army cadets, President Donald Trump watches the first half of the 121st Army-Navy Football Game in Michie Stadium at the United States Military Academy, Saturday, Dec. 12, 2020, in West Point, N.Y. (Andrew Harnik/AP) WASHINGTON ― Pointing to the huge hack of U.S. government agencies disclosed this week, lawmakers of both parties are calling on President Donald Trump to sign the sweeping national defense policy bill because it contains a host of cybersecurity provisions. Trump repeated a threat Thursday to veto the 2021 National Defense Authorization Act, which suggests the pleas are unlikely to gain traction at the White House. Otherwise, Trump’s silence on the attack may suggest retaliation - if any - will be left in the hands of President-elect Joe Biden’s incoming administration.
To revist this article, visit My Profile, then View saved stories.
This week news broke that United States government agencies and corporations alike as well as international targets were victims of a massive nation-state espionage campaign. But as the revelations continue to pile up, and new targets are discovered by the day, it can be hard to get a handle on what exactly happened and what it all means.
The hackers, who have been widely reported as Russian, compromised high-profile targets like the US Commerce, Treasury, Homeland Security, and Energy Departments, as well as companies like the security firm FireEye. All of the attacks appear to stem from one initial compromise of the IT infrastructure and network-management firm SolarWinds. Hackers had breached the company as far back as October 2019, then planted malicious code in software updates to its network-monitoring tool, Orion. Any customer that installed an Orion patch released between March and June inadvertently plante