While the end of 2020 was certainly a whirlwind for SolarWinds, the beginning of 2021 is proving to be no different. Within a week there were reports of newly detected vulnerabilities in the company’s software and of another suspected breach potentially carried out by Chinese hackers. Although details are minimal, one thing is for sure. SolarWinds continues to serve as a cautionary tale.
The Hill covered President Biden’s commitment to prioritize cybersecurity. In line with actions such as appointing Anne Neuberger, the former director of the National Security Agency’s Cybersecurity Directorate, to the newly established deputy national security adviser for cyber and emerging technology role, the administration assures that it will continue to address cybersecurity concerns and threats including those that come from actors like Russia and China. In the words of Biden as reported by The Hill, “We are launching an urgent initiative to improve our capability, readiness and resilience in cyberspace.” As effects from the SolarWinds attack remain and COVID-19 causes greater cybersecurity vulnerability, Biden has designated $10 billion for cybersecurity and information technology as part of the pandemic recovery package that the administration has put forth. Further detail of specific cybersecurity plans has yet to be shared.
This focus on cybersecurity comes as more news of the SolarWinds attack breaks. According to cybersecurity firm Trustwave, the company has come across three security flaws previously undetected in SolarWinds’ software. While there is no evidence that these vulnerabilities have been taken advantage of, SolarWinds put out instruction to address the flaws. As NBC News concludes, this vulnerability exposure only leads to more questions surrounding the software produced by SolarWinds, which is used by the likes of large corporations and government agencies. SolarWinds responded with an explanation of their efforts to collaborate with multiple parties to address the issues that have risen. As a Trustwave representative described, all software is subject to vulnerabilities, but considering the increased awareness, companies should continuously put their systems through testing.
Just before news of such SolarWinds vulnerabilities, Reuters reported that Chinese hackers are suspected of having also utilized flaws in the software to compromise computers owned by the U.S. government in 2020. Included in those impacted by the breach is the U.S. Department of Agriculture’s payroll organization according to FBI investigators. Reuters was not able to confirm how many other organizations may have been targeted by this attack likely carried out by Chinese state-supported operators. The USDA said that they have notified relevant parties and, in another statement, said that there was no breach. In its response, SolarWinds stated that there was nothing “conclusive.” Although connected to the same company, the SolarWinds bug that Chinese hackers potentially accessed is reportedly different from the actions carried out by Russia. If the hackers did access the payroll system, information such as government employees’ social security numbers could be at risk.
“Biden: US taking ‘urgent’ steps to improve cybersecurity” – Maggie Miller, The Hill
- President Biden and his administration have categorized cybersecurity as a key priority with focuses that include Russia and China.
- In addition to actions such as the creation of the deputy national security adviser for cyber and emerging technology role, the administration will be “…launching an urgent initiative to improve our capability, readiness and resilience in cyberspace.”
- As a part of the COVID-19 recovery package proposed by Biden, $10 billion was included for cybersecurity and information technology.
“More exploitable flaws found in SolarWinds software, says cybersecurity firm” – Ken Dilanian, NBC News
- Cybersecurity firm Trustwave reported that they have detected three new security vulnerabilities in SolarWinds’ software.
- There is no evidence as of now that the flaws found have been taken advantage of.
- SolarWinds responded by releasing a method to fix these vulnerabilities and explained that the company is continuing to work with partners and agencies to further develop the response to the attack.
“Exclusive: Suspected Chinese hackers used SolarWinds bug to spy on U.S. payroll agency – sources” – Christopher Bing, Jack Stubbs, Raphael Satter, Joseph Menn, Reuters
- Reuters reported that Chinese hackers may have also exploited vulnerabilities in software operated by SolarWinds.
- Of those potentially impacted is the National Finance Center, a federal payroll agency inside the U.S. Department of Agriculture.
- In response to the report, SolarWinds stated that there is nothing “conclusive” yet. The USDA has released two statements. One said that they have notified relevant parties and another statement said that there was no breach.