In the Wake of the SolarWinds Breach: President Biden Pivots U.S. Towards Prioritizing Cybersecurity
January 25, 2021
By: Jessica L. Copeland and Kathleen H. McGraw
In December 2020, the United States discovered that it had fallen victim to a major cyberattack believed to be backed by a Russian intelligence agency. The sophisticated attack was perpetrated through Orion, an IT management software platform developed and provided by SolarWinds to its tens of thousands of customers. The hackers inserted malware into the Orion software so that when SolarWinds pushed an update out to its customers (as is common practice), the malware made its way onto the customers’ servers. From there, the hackers gained unfettered access to the infected servers.
The attack went undetected for months and infected both private and public sector companies and agencies. It was not until a private cybersecurity company, FireEye, discovered the SolarWinds breach and revealed it to law enforcement that the U.S. learned it had fallen victim to this cyberattack.
While the attack is thought to be an act of espionage by the Russian government and not an act of war, some commentators have compared the breach to a “cyber 9/11”[1] or a “cyber Pearl Harbor.”[2]
The extent of the attack on the U.S. government, including exactly what data has been compromised and which agencies were targeted, is still unknown—and is unlikely to be fully known any time soon. Among the agencies known to have been victimized are the Department of the Treasury, the Commerce Department, the Department of Defense, the Department of Energy, the Department of Homeland Security, the Department of Justice, the State Department and the National Institutes of Health. This list is expected to grow as the investigation and cleanup continue. What remains clear, however, is that the U.S. was and still is vulnerable to this sort of cybersecurity breach.
One immediate fallout from the SolarWinds breach is that it has exposed how truly vulnerable the country is to a large-scale cyberattack. It doesn’t take a cybersecurity or intelligence expert to understand—even from the short list of federal agencies known to have been targeted—that the type of potentially compromised data can have crippling national security effects. And it’s not just the Russians that are targeting U.S. cyberspace.
On Jan. 3, 2021, New York air traffic controllers received a cryptic message on their radio frequency that threatened to fly a plane into the Capitol to avenge the death of Iranian general Qassem Soleimani. While it is not clear at this point that the threat in fact came from Iran, the message itself evidences a breach of the U.S. air traffic control radio frequencies. Although the threat was not determined to be credible, the FAA and the FBI are still investigating how the frequency breach occurred. Breaching government telecommunications platforms, including radio frequencies, has been a threat since the British interception and decryption of the infamous Zimmermann Telegram encouraged the U.S.’s entry into World War I in 1917, but this sort of breach into U.S. air traffic control is still unnerving more than a hundred years later.
Looking forward, the U.S. is likely to pivot towards making cybersecurity and cyber-defense a national priority. In response to the SolarWinds breach, the Biden administration has promised to “make cybersecurity a top priority at every level of government.”[3] Furthermore, President Biden has committed to roll out a $9 billion plan to enhance U.S. cybersecurity by partnering with private sector companies. This could mean a serious overhaul in U.S. cybersecurity and data storage practices, which hopefully will result in the U.S. taking a proactive and aggressive stance on national cybersecurity.
If you have any questions about the content discussed here, or privacy laws or rules in general, please contact Jessica Copeland, Kathleen McGraw, any of the attorneys in the Cybersecurity and Data Privacy practice or the Bond attorney with whom you routinely communicate.
1 See “SolarWinds Orion Breach – What It Means for the Industry Writ Large,” Recorded Future; Gilman Louie, “SolarWinds hack: What we must do to avoid the next attack,” The Hill.
2 See Steve Grobman, “Why SolarWinds-SUNBURST is our Cyber Pearl Harbor,” McAfee; According to CBS News, Colorado Democratic Rep. Jason Crow referred to it as "our modern-day 'Cyber Pearl Harbor'"; Lindsay McKenzie, “What SolarWinds Hack Means for Campuses,” Inside Higher Ed.
3 See "Biden Calls Cybersecurity a ‘Top Priority’ After Russian Hack," Bloomberg; "Cybersecurity to Get $9 Billion Boost in Biden Plan After Hack," Bloomberg.