National Security official says SolarWinds hack was 'sophisticated, advanced, persistent' threat
Anne Neuberger, deputy national security adviser for Cyber and Emerging Technologies, gave an update during Tuesday's White House press briefing on the SolarWinds hack, saying those responsible were “likely of Russian origin,” that it was “launched from inside the United States” and that it could take “several months” to complete the investigation.
She said that as of Wednesday, "nine federal agencies and about 100 private sector companies were compromised.”
“The techniques that were used lead us to believe that any files or emails on a compromised network were likely to be compromised…The actor was a sophisticated, advanced persistent threat. Advanced, because the level of knowledge they showed about the technology and the way they compromised it truly was sophisticated. Persistent, they focused on the identity part of the network, which is the hardest to clean up." Neuberger said. "And threat, the scope and scale to networks, to information makes this more than an isolated case of espionage.”
Neuberger said that this was a “sophisticated actor” who is believed to have taken “months to plan and execute” the attack.
When asked by ABC News Senior White House Correspondent Mary Bruce if there is a price tag to the total cost of damage to the U.S. government, Neuberger broke it down into two parts: investments in infrastructure and the “scale of the information that was potentially compromised.”
“One is it's really highlighted the investments we need to make in cybersecurity to have the visibility to block these attacks in the future. And then the second is the scale of the information that was potentially compromised and the impact of how that information could be used in the hands of a malicious actor. So it's -- there's certainly a cost with regard to dollars," Neuberger said. "It's also a cost with regard to national security, and we're bounding and understanding both.”
Bruce also asked if it could potentially take years to try to secure some networks going forward, but Neuberger was quick to say “we certainly don’t have years.”
“It's wise when planning in cybersecurity to consider the worst case, particularly when you're dealing with such a sophisticated attacker in that way, so we know we don't have years, and the remediation, the fix and cleanup work is underway already," Neuberger said. "And we'll be doing it in a careful way to ensure that we lock down layer by layer, but we know it's going to be a lot shorter than that.”
-ABC News' Justin Gomez