Hacker
SolarWinds Hack Affected Emails of Homeland Security Leaders
The Department of Homeland Security reported that hackers gained access to email accounts of “a small number of employees” during the SolarWinds data breach.
The hackers targeted then-acting DHS Secretary Chad Wolf and at least one other cabinet member, forcing top department officials to get new phones with the encrypted messaging system Signal installed, the Associated Press reported Tuesday.
“The Department no longer sees indicators of compromise on our networks and remains focused on further securing our networks against future attacks, integrating lessons learned from this incident,” a DHS spokesperson said in a statement.
DHS added that the compromise demonstrates the increasing sophistication and capabilities of the department’s strategic adversaries.
Brandon Wales, the acting director of the Cybersecurity and Infrastructure Security Agency, previously acknowledged weaknesses in the federal government’s perimeter-focused intrusion detection system.
The Russia-linked SolarWinds hack reportedly compromised the networks of at least nine federal government agencies and hundreds of American companies.
CISA has since been exploring ways to internally monitor anomalous activities across networks, with plans to implement a network management system that can conduct external communications through an encrypted channel.
The agency recently secured $650 million from the American Rescue Plan Act, money that it is expected to be used, in part, for the SolarWinds recovery effort.
Eric Goldstein, the executive assistant director for cybersecurity at CISA, has provided members of the House Appropriations Subcommittee on Homeland Security with details on the agency’s spending plan, Federal News Network reported.
The money will go to four focus areas: the deployment of detection sensors, the expansion of capacity for incident response, the expansion of capacity for cybersecurity information analysis and the implementation of zero trust security across agencies, Goldstein said.
Category: Cybersecurity