President Biden will soon take executive action in response to the alleged Russian hack of at least nine federal agencies, according to a White House official.
The official spearheading the intelligence community’s review of the SolarWinds breach said Wednesday that the executive action will address “gaps” in federal government cybersecurity identified in the review.
White House deputy national security adviser for cyber and emerging technology Anne Neuberger said in an appearance at a press briefing that hackers had breached nine federal agencies and that about 100 private sector companies were compromised in the hack discovered last year.
“We are working on close to about a dozen things, likely eight … to be part of an upcoming executive action to address the gaps we’ve identified in our review of this incident,” Neuberger announced.
She noted that more companies had also likely been affected by the SolarWinds breach, which federal authorities say was “likely” carried out by Russian hackers. SolarWinds, an IT group based in Austin, Texas, said last year that up to 18,000 of its customers were potentially breached.
“The scale of potential access far exceeded the number of known compromises,” Neuberger warned. “Many of the private sector compromises are technology companies, including networks of companies whose products could be used to launch additional intrusions.”
Neuberger said the attack had been launched from “inside the United States,” and that officials are working to expel the adversaries, secure federal networks and evaluate response options. She emphasized that the full review would take “several months” to be completed.
“This is a sophisticated actor who did their best to hide their tracks,” Neuberger said. “We believe it took them months to plan and execute this compromise; it will take us some time to uncover this layer by layer.”
Neuberger is the official leading the federal government’s response to what has become known as the SolarWinds hack. She told reporters Wednesday that she had been on Capitol Hill last week and would continue to be in contact with lawmakers on how to respond to the SolarWinds incident, in addition to coordinating with the private sector.
The incident, first discovered in December but dating to 2019, involved Russian hackers gaining access to customers of SolarWinds and potentially several other companies.
Agencies confirmed to be impacted by the cyber espionage incident, viewed as the worst in U.S. history, include the Commerce, Defense, Energy, Homeland Security, Justice, State and Treasury departments.
Biden described the SolarWinds breach in December as a “grave threat to national security,” and announced during a speech at the State Department earlier this month that his administration would soon launch an “urgent initiative” to address cyber threats.
Biden discussed the breach as part of his first conversation in office with Russian President Vladimir Putin, and has ordered the Intelligence Community to compile an assessment of the full impact of the SolarWinds breach.
Neuberger emphasized Wednesday that a range of options were on the table to respond to the breach.
“Discussions are underway … this isn’t the only case of malicious cyber activity of likely Russian origin, either for us or for our allies and partners,” Neuberger said. “As we contemplate the future response options, we’re considering holistically what those activities were.”
The decision to hire Neuberger, the former director of the National Security Agency’s cybersecurity directorate, was praised by cybersecurity experts. Neuberger’s role is a new position created by the Biden administration.
Neuberger’s announcement came the same day the Justice Department announced charges against three North Korean hackers accused of stealing $1.3 billion in cash and cryptocurrency funds, along with engaging in a wide range of malicious cyber activities including the 2014 breach of Sony Pictures.