Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Government

White House Names SolarWinds Response Leader Amid Criticism

After members of Congress criticized as “disorganized” the U.S. response to a massive breach of government departments and private corporations discovered late last year, the White House announced Wednesday that a senior national security official had been leading the effort since the first day of the Biden administration.

After members of Congress criticized as “disorganized” the U.S. response to a massive breach of government departments and private corporations discovered late last year, the White House announced Wednesday that a senior national security official had been leading the effort since the first day of the Biden administration.

Anne Neuberger, the deputy national security adviser for cyber and emergency technology, was in charge of remediating the hack, identifying issues with the federal government’s response and launching a study aimed at preventing similar incidents, the White House said.

Intelligence and law enforcement officials are still trying to piece together the cyberespionage campaign blamed on Russia that has badly shaken the U.S. government and private sector. The hack, connected to tainted software from the U.S. firm SolarWinds, was publicly revealed in December but believed to have begun more than a year earlier.

The intruders stealthily scooped up intelligence for months, carefully choosing targets from thousands of customers infected with malicious code they activated after sneaking it into an update of network management software first pushed out last March by Texas-based SolarWinds. The company makes popular software that monitors computer networks of businesses and governments.

So far, the list of agencies known to have been affected includes the Treasury, Commerce and Justice departments, along with several private companies including cybersecurity firms. The Russian government has denied any role in the hack.

In a letter released Tuesday, leaders of the Senate Intelligence Committee blasted the Biden administration for what they said was a lackluster reaction to the SolarWinds hack.

“The briefings we have received convey a disjointed and disorganized response to confronting the breach,” Sens. Mark Warner, D-Va., and Marco Rubio, R-Fla., said in the letter.

Warner, the new Democratic chairman of the committee, and Rubio, the Republican vice chairman, urged the Biden administration to “name and empower a clear leader” who has the authority to “coordinate the response, set priorities, and direct resources to where they are needed.”

Advertisement. Scroll to continue reading.

The White House response on Wednesday pointed to Neuberger’s role since Biden’s inauguration. The response to the letter was first reported by The New York Times.

“In the first weeks of the Biden administration DNSA Neuberger has held a series of consultations with both Democratic and Republican members of Congress on our approach to SolarWinds specifically and our cybersecurity strategy broadly,” said Emily Horne, a spokeswoman for the National Security Council. “We look forward to continuing to work with Congress on these issues.”

A joint statement from Warner and Rubio acknowledged the White House’s reassurance and suggested Neuberger’s role had not been known.

“The federal government’s response to date to the SolarWinds breach has lacked the leadership and coordination warranted by a significant cyber event, so it is welcome news that the Biden administration has selected Anne Neuberger to lead the response,” the statement said.

Also on Wednesday, the House Homeland Security Committee held a hearing with cybersecurity experts to discuss the SolarWinds hack and other issues.

“In the not too distant past … most of us had never heard of SolarWinds, but now it dominates cybersecurity conversations,” said Rep. Bennie Thompson, D-Miss., the committee’s chairman.

Related: China-Linked Hackers Exploited SolarWinds Flaw in U.S. Government Attack: Report

Related: Biden Orders Intelligence Agencies to Assess SolarWinds Hack

Related: Hundreds of Industrial Organizations Received Sunburst Malware in SolarWinds Attack

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...