President Biden signed a sweeping executive order on Wednesday aimed at protecting federal networks, as the East Coast continues to deal with the fallout from a ransomware attack that shut down one of the nation’s largest fuel pipelines for several days. The Biden administration has been drafting the order over the last few months, and is designed less to address an incident like the one experienced by Colonial Pipeline, a privately-owned critical infrastructure operator that is believed to have been hit by a criminal gang, than it is aimed at preventing a future SolarWinds-like incident…
Texas-based software firm SolarWinds downgraded the number of customers impacted by its 2020 supply chain attack from 18,000 to less than 100.
For more than a decade, policymakers on Capitol Hill have repeatedly tried and failed to pass meaningful federal data breach notification laws that would require companies to share details about cybersecurity incidents that they experience. As a result, organizations have to comply with a patchwork of more than 50 notification laws for each state and territory in the U.S. However, a group of lawmakers are pushing colleagues and business associations to revisit these efforts, arguing that recent incidents have highlighted how the lack of mandatory reporting rules makes it harder to detect and respond to major incidents…
SolarWinds’ chief information security officer defended the company’s practices and technology on Wednesday, saying the attack it experienced at the hands of Russia’s foreign intelligence agency last year wasn’t one that most companies would be prepared for. “We ran a pretty good shop, we had pretty good technology,” Tim Brown, the company’s CISO and vice president of security, said during a webcast hosted by the insurance firm Marsh. “We’ve had four months of inspections and we found things to fix, but it wasn’t like we were super dirty—there wasn’t sloppiness, there wasn’t malware all over our environment.”
Six European Union institutions were hacked part of the SolarWinds supply chain attack; a top EU administration official said this week. In a response to a question filed by an EU Parliament member in February 2021, European Commissioner for Budget and Administration Johannes Hahn cited the findings of CERT-EU, the Computer Emergency Response Team for EU institutions, which has been investigating the attacks.
In a press release today announcing a broad set of sanctions against the Russian government, the Biden administration has formally named the Russian Foreign Intelligence Service, also known as the SVR, as the perpetrator of the 2020 SolarWinds Orion supply chain attack.
‘We’re responding in election cycles:’ Niloofar Razi Howe on the big changes needed to prevent the next SolarWinds attack
In a hearing held by the House Committee on Appropriations last week, Niloofar Razi Howe described 2021 as “one of the most consequential years in cybersecurity—and it’s only March.” Between the fallout from the SolarWinds supply chain attack, Microsoft Exchange vulnerabilities, and a surge in ransomware incidents, cybersecurity experts in both the private and public sectors have a lot to worry about. The Biden administration and lawmakers across party lines have made the incidents a top priority, with many calling on the U.S. to harden defenses and aggressively respond to nation state intrusions….