CybersecurityU.S. Set to Retaliate against Russia, China for Massive Cyber Attacks
Senior officials in the Biden administration on Friday said that the administration is finalizing its decision on how to retaliate forcefully for state-sponsored hacking, as fears in the United States and Western Europe are growing over the consequences of two recent major cyberattacks. Officials said that U.S. retaliatory measures – “some seen, some unseen” – will be coming in matter of weeks, nit months.
Senior officials in the Biden administration on Friday said that the administration is finalizing its decision on how to retaliate forcefully for state-sponsored hacking, as fears in the United States and Western Europe are growing over the consequences of two recent major cyberattacks.
The attacks, one by Russia and the other by China, demonstrated not only a high-level of sophistication, but also brazenness, indicating that these two cyber powers have been left unimpressed by the weak responses by the United States to earlier, and much smaller, state-sponsored cyberattacks.
In a recent speech at the Munich Security Conference, Biden criticized “Russian recklessness” in hacking into computer networks. Last month Jake Sullivan, the national security adviser, said the response to SolarWinds “will include a mix of tools seen and unseen, and it will not simply be sanctions”. According to the New York Times, the first move is expected in the next three weeks, and will involve “clandestine actions across Russian networks”, although this has not been confirmed by the administration.
The Financial Times reports that White House officials said the administration was working closely with the private sector to bolster cyberdefenses in the wake of the cyberattacks which targeted Microsoft Exchange servers and SolarWinds security software.
Biden administration officials a few weeks ago that a retaliation against Russia was coming after it was ascertained that Russian government hackers were behind the massive SolarWinds hack, an attack which some security experts likened to an act of war.
The officials suggested that the response to Russia’s attack will be coming in weeks, not months.
One reason for the delay in retaliation was to give government agencies and private sector companies time to patch up their systems in light of the vulnerabilities the SolarWinds hack exposed, and do so before any retaliatory move.
The administration officials said that in light of the SolarWinds and Microsoft Exchange attacks, the administration has invited private sector companies to participate in key national security meetings on the attacks.
The response “is still evolving,” according to the official, who noted: “We really have a short window to get vulnerable servers patched, measured in hours, not days.”
Experts note that both the SolarWinds and Microsoft attacks have demonstrated the threat posed by security flaws in commercial software. In the case of SolarWinds, the hack was not discovered for more than a year. Microsoft did not release updates to patch the hackers’ access routes for nearly two months after they were first discovered. Trey Herr, director of the Cyber Statecraft Initiative at the Washington-based Atlantic Council, told the FT it was clear that U.S. cybersecurity policy at the moment “is not working.” He accused the government of failing to adequately secure the technology it uses, and of trying to fight sophisticated cyber adversaries with tools that are “hopelessly out of date.”
Herr said that industry itself must take more responsibility for defending its systems. Weaknesses in Microsoft software, for example, were exploited by both the Russian and Chinese espionage campaigns.
He said: “Some of the largest vendors that have been impacted by these events need to be asked: are they building their technology to defend against these kinds of attacks that are becoming increasingly frequent?”