The fallout from the most recent cyberattack on U.S. systems continues and more details are becoming clear.
The breach is so far being blamed on Russia. Its effect and impact will be measured in years, not months. The former No. 2 at the Office of the Director of National Intelligence, Susan Gordon, told CNBC that the attack “will take years to overcome,” adding that the attackers are not done, either.
“Information is the power and the target, and attackers are going to go after it,” Gordon said. “This is a big deal. This is bad for national security, it is bad for the cybersecurity discipline, the professionals and the craft.”
This hack was accomplished when companies used a third-party vendor, SolarWinds, to change and update security protocols, according to a leading tech CEO. “When any company or agency upgrades their software, ironically for security fixes and other changes, they introduce vulnerability because change has risks,” said Mark Douglas the founder and CEO of Steelhouse and former VP of tech at eHarmony.
The government agencies affected include the departments of Homeland Security, Treasury, Commerce, and the National Nuclear Security Administration.
Douglas cited the government’s role in cybersecurity. “We can clearly do more to prevent the hacking,” she told Shepard Smith on the CNBC program “The News with Shepard Smith. “Ensuring that every software company the government uses is secure from hacking should be a renewed focus.”
President Donald Trump has not yet publicly addressed the attack. President-elect Joe Biden issued a statement Thursday, saying in part, “I want to be clear, my administration will make cybersecurity a top priority at every level of government and we will make dealing with this breach a top priority from the moment we take office.”