White House cyber adviser says it will take months to investigate Russian hack

Christopher Bing
·2-min read
FILE PHOTO: SolarWinds Corp. banner hangs on the company's IPO at the NYSE in New York

By Christopher Bing

(Reuters) - The White House's top cybersecurity adviser said on Wednesday an investigation into a sprawling Russian hacking operation against the United States, known as the SolarWinds hack, will take several more months to complete.

White House Deputy National Security Adviser for Cyber and Emerging Technology Anne Neuberger said that a total of nine federal agencies and 100 private-sector companies had been affected by the hack, which first came to light in December.

She also said that a number of the affected private-sector companies were technology companies, which were breached to facilitate access to other victims.

The FBI, the Department of Homeland Security and several other U.S. government agencies have been digging into affected computer networks ever since the hacks' discovery to find clues about the attackers. While multiple U.S. government officials have said the hackers came from Russia, they have offered little additional detail.

"We believe it took them months to plan and compromise," said Neuberger. "It will take us some time to uncover this layer by layer."

The Biden administration is currently working on set of cybersecurity policies to prevent a similar style attack, and Neuberger predicted some of these recommendations would become part of an upcoming "executive action.”

Government statements and public reporting have revealed that a diverse list of federal agencies were breached by the hackers, including the Justice, Treasury, Homeland Security and Commerce departments. In those cases, the hackers typically attempted to steal emails belonging to high-ranking officials, Reuters previously reported.

"When there is a compromise of this scope & scale, both across govt & across the U.S. technology sector to lead to follow on intrusions, it is more than a single incident of espionage," said Neuberger. "It's fundamentally of concern for the ability for this to become disruptive.”

The recent government cyberattack is commonly referred to as the SolarWinds hack because of how the cyberspies exploited software created and sold by Texas technology company SolarWinds, which makes a popular network management tool that is commonly deployed across both U.S. government and private sector computer networks.

While SolarWinds was the first known supply chain victim of this hacking campaign, cybersecurity experts and government officials have cautioned that other technology companies were similarly exploited as part of the same operation.

(Reporting by Christopher Bing; Editing by Chris Reese, Nick Macfie and Jonathan Oatis)