Federal chief information officers and chief information security officers didn’t get a lot of sleep last week, and may not for the foreseeable future.
CIOs and CISOs have spent a long week trying to get a handle on the impact on their networks, systems and data from the SolarWinds cyber attack.
After the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released an emergency directive on Dec. 13, the race was on to detect, mitigate and respond.
And when CISA followed up with an updated cyber alert on Dec. 17, the agencies had yet to begin to fully realize the depth and breadth of the attack.
“The SolarWinds Orion supply chain compromise is not the only initial infection vector this APT actor leveraged,” CISA wrote, “CISA is aware of compromises, which began at least as early as March 2020, at U.S. government agencies, critical infrastructure entities, and private sector organizations by an APT actor. This threat actor has demonstrated sophistication and complex tradecraft in these intrusions. CISA expects that removing the threat actor from…
