SolarWinds Attack by Russian Hackers Highlights Need for Better Cyberhygiene

January 24, 2021 – A recent cyberattack against SolarWinds—a Texas-based company which sells software that allows organizations to see what’s happening on their computer networks—serves as an urgent reminder that the United States needs to maintain top-notch cyber hygiene, said speakers at a Government Executive event on Thursday.

Reports claiming that the U.S. Departments of Homeland Security, State, Commerce, and Treasury, among many U.S. corporations and governments worldwide, are victims of a malicious Russian cyberattacks have recently circulated.

Allegedly, in a supply-chain attack, Russian hackers slipped malicious code into a legitimate software update as it was under assembly.

Efforts to address and prevent issues like the SolarWinds cyberattack are being fueled by the Department of Defense Information Systems Agency’s “Comply-2-Connect” program. The program utilizes software created by Forescout’s Technologies, Inc. which provides the highest level of assurance for authentication, authorization, compliance assessment and automated remediation of devices connecting to the DoD information network.

The Defense Information Systems Agency  has already deployed C2C capabilities with the Navy and Marine Corps to help the U.S. government manage over 20,000 endpoints of smartphones, laptops, and desktop computers. Yet, according to Marine Corp’s C2C Project Manager, Captain David Tan, more limited use cases need to be discovered and more automation needs to be built out, to ensure C2C will deliver.

To implement the C2C system, engineers start from scratch learning the systems abilities from the ground up, said Tan. He used a common military phrase, “we own the night,” to explain the importance of C2C, saying “we need to see our digital environment in real-time and see who is connected, what is connected, and where people and things are connected.”

Part of the challenge to implementing C2C is understanding how to deploy 802.1X, added Carmen Santos-Logan, a team lead for Enterprise Cybersecurity Capabilities at the Department of Defense. 802.1X is an IEEE Standard for Port-Based Network Access Control, which provides protected authentication for secure network access. 802.1X will interrogate the security framework of C2C and is expected to ensure the software is meeting manufacturing standards, she said.

There have been efforts with the National Security Administration to figure out how automation can be deployed to assist with cybersecurity efforts and find improvements that can be made to endpoints connected to networks’ backbones.

The government further recognizes it is imperative to national security efforts to know where its endpoints are, and where the software and network components it utilizes are developed.

When there are Chinese-based products in U.S.-deployed systems, we need to remember that those do not always have the best interests of the U.S. government in mind, said Santos-Logan, adding that the government needs to know where their technology is coming from.

According to the panel, there is still much work to be done on developing technical implementation protocols, security policy libraries, and interrogation work for automated security policies as C2C is implemented.