Former CISA Chief Expects More SolarWinds-Level Hacks

The United States should expect more data breach attempts like the SolarWinds attack, according to a former director of the Cybersecurity and Infrastructure Security Agency.

Chris Krebs, a two-time Wash100 winner, said China, Russia, Iran and North Korea will likely continue conducting such operations until the United States decides to stop tolerating them, GCN reported Thursday.

Speaking to the House Homeland Security Committee, Krebs recommended imposing targeted financial sanctions on oligarchs and adversarial nations to help prevent the attacks.

Krebs said such sanctions would be more effective if they are matched by the United States' international allies

In early January, SolarWinds hired a cybersecurity consulting business formed by Krebs to provide security advice.

Krebs previously said he plans to dedicate himself to the new business, which was created to recommend security practices for multiple clients and combat coordinated misinformation.

The SolarWinds hack, which was widely attributed to Russia, compromised the networks of thousands of U.S. federal organizations, leading to a series of data breaches.

During the committee hearing, Cyber Threat Alliance President and CEO Michael Daniel said all available information points to the data breach being an act of espionage.

Krebs said “there are certain behaviors that, unfortunately, are within the realm of acceptable cyber behavior," including espionage against a federal government.

Former Principal Director of National Intelligence Sue Gordon told the committee that the government simply cannot stop all attacks.

She recommended that the government establish what kinds of attacks and impact should warrant a response. The government should also not limit its responses to a cyber attack with a cyber response, Gordon said.

Sign Up Now! Potomac Officers Club provides you with Daily Updates and News Briefings about Cybersecurity

Join Us Now