Hello, Guest!

Cybersecurity

Paul Nakasone Highlights USCYBERCOM’s Role in SolarWinds Response

Paul Nakasone

Commander

USCYBERCOM

Paul Nakasone Highlights USCYBERCOM’s Role in SolarWinds Response

U.S. Cyber Command plays a key role in the government’s response to the SolarWinds cyber espionage campaign against federal agencies and American companies, according to the leader of the unified combatant command.

Four-star Gen. Paul Nakasone, a four-time time Wash100 awardee, said USCYBERCOM is supporting the FBI, the Department of Homeland Security, the Cybersecurity and Infrastructure Security Agency and the Office of the Director of National Intelligence but did not provide further details about his organization’s “ongoing response” to the hack, Breaking Defense reported.

USCYBERCOM is broadly responsible for unifying the Department of Defense’s operations, capabilities and expertise in cyberspace.

Nakasone made his statements at the eighth CYBERCOM Annual Conference, which was attended by more than 1,400 around the world.

On the same day as the event, cybersecurity company FireEye reported that it had discovered a two-stage backdoor with potential links to the threat actor associated with the SolarWinds campaign.

The backdoor, which FireEye named SUNSHUTTLE, has some detection evasion capabilities and was apparently designed for conducting network reconnaissance.

Former CISA Director Chris Krebs, a two-time Wash100 winner, previously told the House Homeland Security Committee that the United States should expect more data breach attempts on the level of the SolarWinds attack.

He said China, Russia, Iran and North Korea will likely continue conducting such operations until the United States decides to stop tolerating them.

Brandon Wales, CISA’s acting director, has acknowledged weaknesses in the government’s Einstein intrusion detection mechanism, whose perimeter-focused security measures proved incapable of stopping the SolarWinds hack.

According to Wales, CISA is exploring ways to internally monitor anomalous activities across networks by implementing an encrypted channel for outside communications. 

Potomac Officers Club Logo
Become a Potomac Officer Club Insider
Sign up for our weekly email & get exclusive event, and speaker updates, and find networking opportunities to connect with GovCon decision makers.

Category: Cybersecurity