Today the Department of Homeland Security was announced as the third federal agency to have fallen victim to a major cyberespionage campaign by the Russian government; the departments of Treasury and Commerce announced theirs over the weekend.
Robert Cattanach is a partner at the international law firm Dorsey & Whitney. He has previously worked as a trial attorney for the United States Department of Justice and was also special counsel to the Secretary of the Navy.
Today he is an expert on cybersecurity and data breaches, privacy and telecommunications, and international regulatory compliance. Of the news, he says:
“The compromise of some of our country’s most sensitive public and private entities, presumed to have been executed by Russian attackers, calls into question whether any data can confidently be considered still secret.
The attack was audacious in scope, severity, and execution. FireEye and SolarWinds have long been considered the gold standard by public and private cyber experts.
The mere fact that their systems were breached, and apparently their most sensitive and potentially dangerous information stolen, without detection until it was too late, means that countless major private and public entities that had been relying on these companies, as well as those sharing information with the compromised federal agencies including especially the Department of Homeland Security, must assess whether any of their data can still truly be considered uncompromised.
The sophistication of the hack means that the known victims will be frantically investigating the extent of the compromise, a process which will require months, and which is fraught with uncertainty as forensic experts scramble to recreate the attackers' point of entry, lateral and vertical movements, and access to highly sensitive information.
The targets of the attack will not know with any confidence for several more weeks and possibly months which of their systems was compromised, what immediate steps need to be taken to restore integrity, and what threats might still be lurking.
And that is only the beginning. Those entities that had been relying on FireEye and SolarWinds, but which may not know if their systems also have been compromised, will have to take emergency measures to reassess their security posture and make contingency plans for responding to what could be devastating revelations about the ripple effects of the attack,” Cattanach says.