“I am not confident that they’re off of the board yet,” one of the sources said. “They’re still very much out there, probably carrying out all sorts of operations.”
Asked directly whether that’s the case, Neuberger responded that attributing the hack to the SVR was designed to change its “calculus.”
“To really shape a country’s use of cyber, you have to shape the calculus they use on the value and the cost,” 她补充说. “The SVR is a sophisticated, persistent actor. They play a role as part of Russia’s intelligence collection, as part of their malign influence mission. And we know that to shape that calculus is not going to be one action.”
‘Significant gaps in cybersecurity’
The SolarWinds breach prompted a two-month review by the Biden administration that revealed “significant gaps” in cybersecurity across the federal government that was an “unpleasant” 吃惊,” said Neuberger, who had served during the Trump administration as the head of cybersecurity at the National Security Agency.
“Clearly our strategy heretofore hasn’t been working, because we see a growth in [俄语] cyber activity,” said Neuberger.
Last week the White House announced significant sanctions against Russia
, expelled Russian spies and attributed the SolarWinds breach to the SVR
, Russia’s intelligence service that focuses on foreign operations
. President Joe Biden called Russia’s actions
” and said he’d told President Vladimir Putin
, “We could have gone further.
作为回应, the SVR director called the moves “very ill-considered.”
For weeks leading up to the raft of actions against Russia, senior national security officials, including Neuberger and her boss, national security adviser Jake Sullivan, had said the measures they would take would be “seen and unseen.”
Neuberger declined to say whether any unseen actions have been taken, telling CNN: “You know what was conveyed and I’ll leave it at that.” Earlier this month Neuberger said it would include “private messaging,” warning which activities the government considers unacceptable.
Multiple sources told CNN that covert, offensive cyber operations against Russia were not mentioned by administration officials who have recently briefed lawmakers on their plans to hold Russia accountable, including the day before the measures were announced.
Cyber response options presented to NSC
In the weeks of discussions leading up to the announcement, various agencies sent a range of cyber response options to the National Security Council for consideration, according to a source familiar with the planning. It remains unclear whether the Biden administration has plans to act on any of those options.
The menu of potential cyber responses presented to the NSC only consisted of options that are considered legal, 道德的, moral and proportional, 消息来源补充说, noting that it did not include anything that would be considered escalatory or cause serious blowback.
Two more major hacks have come to light since SolarWinds, on Microsoft Exchange servers and Pulse Connect Secure, both believed to have been carried out by Chinese hackers. At least two dozen federal agencies use Pulse Connect Secure software and this week the Department of Homeland Security issued a rare emergency directive revealing the hack started almost a year ago.
This string of high-profile and deeply damaging breaches by hackers from — or connected to — foreign governments has forced the Biden administration to examine the root causes of why they’re doing it, Neuberger says.
A primary reason is that US cyber defenses aren’t hard or modern enough, an issue the White House says is going to be addressed with a new executive order in the coming weeks. Despite Neuberger’s senior role in intelligence and cybersecurity under President Donald Trump, 她说 “inheriting a crisis” in SolarWinds exposed how serious the country’s vulnerabilities are.
“I think what surprised me the most was, as we did the review of SolarWinds, seeing the significant gaps across federal government cybersecurity and the need for rapid, effective modernization,” 她说.
It was an “unpleasant” 吃惊, 她补充说, understanding “the degree of focus and modernization needed to really be where we need to be and make the federal government the gold standard.”
The hackers behind the SolarWinds breach managed to get into at least nine federal agencies in a highly sophisticated operation that is believed to have begun last March and was only discovered in December by the cybersecurity firm FireEye. There has been a fierce debate among officials and experts over whether the breach constitutes an attack by Russia, which may call for a counterattack.
“I call it a successful hack,” Neuberger said, “There’s a lot of word definitions around the word ‘attack’ that different people have different understandings of.”
The information accessed by the hackers helped Russia gather intelligence on how the US government works, said Neuberger, who had previously called the hack “more than an isolated case of espionage.”