Latest in SolarWinds Orion
In advance of the new Biden administration cybersecurity executive order, it’s time for the federal government to get proactive about cybersecurity.
States and other stakeholders can use Article 2(4) of the U.N. Charter to bar not just uses of force in cyberspace but also threats of such force by equal measure.
On Thursday, March 18, 2021, at 10:15 a.m., the Senate Homeland Security and Governmental Affairs Committee will hold a hearing on understanding and responding to the SolarWinds supply chain attack.
If the SolarWinds/Holiday Bear campaign was a minimally invasive arthroscopic incision into vulnerable networks, the Microsoft Exchange hack was a full-limb amputation: untargeted, reckless and extremely dangerous.
There is a gap between how administration officials are framing the nature of the SolarWinds incident and what the available evidence indicates about it.
On Tuesday, February 23, 2020, at 2:30 p.m., the Senate Intelligence Committee will hold a hearing on the recent hack of U.S. networks by a foreign adversary. The committee will hear testimony from Kevin Mandia, CEO of Fireye; Sudhakar Ramakrishna, CEO of SolarWinds; Brad Smith, president of Microsoft; and George Kurtz, president and CEO of Crowdstrike.
You can watch a livestream of the hearing here or below:
Cyberattack is an ill-defined area of international law, leaving questions as to when such an attack reaches the threshold for an act of war.
The SolarWinds breach demonstrates that cyberattacks against IT infrastructure can have OT impact, which could compromise control systems and create real-world harm.
Russia launched SolarWinds—the latest in a long series of hostile Russian cyber operations—not because the U.S. has engaged too proactively in cyberspace. Quite the opposite; it did so, very simply, because it could.
The timeline of the breach is still unfolding, but it is not too early to offer a number of high-level observations and predictions.