The Biden budget includes $750 million for an all-agency response to the SolarWinds attack. This money is in addition to $500 million in funds previously allotted for cybersecurity expenses on the Federal level.
The money is earmarked to pay for cybersecurity upgrades and damage control. It is also intended to help prevent another attack on the nine U.S. government agencies that were hit by the complex hack. Even the U.S. State Department and Treasury were hit.
Massive technology attack
The hack of information technology company SolarWinds went public in December 2020. The hackers got access to thousands of companies including security firms and government offices using the God-mode key. And the key was stolen from FireEye, in a hack.
Researchers and IT experts have been concerned that weaknesses in the NSA algorithm can be and have been exploited. But the Congress has been unable to get much information. And wants cybersecurity to be a priority.
There are parallels between the SolarWinds and the 2015 Juniper hacks. Both events involve federally managed computer networks. And both put software supply chains at risk.
Ami Luttwak, CTO and co-founder of Wiz recently said, “Why are the SolarWinds hackers going after security companies? When you piece together the puzzle it becomes scary.” Ami Luttwak said via email. “They are trying to feed the beast, the more power they have, it gives them more tools and capabilities to attack more companies and get their capabilities as well. If we think about how this all started, they were after the FireEye tools… it’s like a game, they are attacking whoever has additional skills they can get.”
Both the United States and Britain blame Russia’s Foreign Intelligence Service (SVR), for the damaging attack. The SVR is in charge of foreign spying operations. It was previously known as the KGB.
The Microsoft Threat Intelligence Center (MSTIC) began tracking the SolarWinds attack in December 2020. MSTIC tracked the campaign of Nobelium (previously known as Solarigate). It was noted that the attack was ongoing and “evolved over a series of waves demonstrating significant experimentation.”