Wednesday 03 Feb 2021 @ 13:38
Chatham House
Printable version

The SolarWinds Hack: A Valuable Lesson for Cybersecurity

EXPERT COMMENT

While the SolarWinds hack will not be the last of its kind, focusing on what it was not can help ensure effective preventative measures are implemented.

In mid-December 2020, the biggest cyber intrusion known to date was discovered in the United States, the world’s leading cyber power. The global reach of the incident, and the nature and number of affected US government agencies –  most notably the US Energy Department which controls the National Nuclear Security Administration – is unprecedented. A joint statement by the FBI, the National Security Agency (NSA) and others, concluded that Russia is ‘likely’ to be behind the hack. Although it is tempting to focus on options for a potential response, such as ‘cost imposition’ or the use of offensive cyber capabilities - and even on the purported failure of the US strategy to ‘defend forward’ – there is also value in paying attention to what this wasn’t, to ensure that future preventative action is appropriately focused.

Maintaining perspective

The conduit for the cyber intrusion was a software update provided by a private company called SolarWinds. SolarWinds and Microsoft have called it a very ‘sophisticated’ operation. The intrusion was able to insert ‘back doors’ into the networks of dozens of companies, government agencies, and think-tanks across the US and beyond, thus gaining persistent access – and it was nearly a year before it was detected. Such elaborate methods require cybersecurity measures which must be constantly revised, tried and tested. This level of preparedness and monitoring is a challenge and engenders discussion about the need for national strategies to proactively counter and deter such cyber operations, rather than focus on the use of offensive cyber capabilities or 'cost imposition'.

It is therefore important to maintain perspective and focus on the original cause of the incident; a supply chain weakness which, in 2020, arguably should never have happened. Some have therefore called this an ‘unacceptable... big failure’ of cybersecurity. So rather than reverting to the kind of sabre-rattling rhetoric which may only serve to further destabilize cyberspace, the SolarWinds intrusion could prove to be a simple, albeit critical, lesson for everyone involved.

A related point hinges on the fact that the breach was discovered by a private cybersecurity firm called FireEye, which reported it to the US government. Fire Eye was not legally required to report it but did so voluntarily, and we will never know what could have happened had it chosen not to do so. This is a valuable lesson which should inform the debate on the role of the state in private sector cybersecurity and the importance of sharing cybersecurity threat intelligence between the public and private sectors, as highlighted by Microsoft President Brad Smith, as well as the role of non-state actors in technical attribution.

Click here to continue reading the full version of this Expert Comment on the Chatham House website.

 

Channel website: https://www.chathamhouse.org/

Original article link: https://www.chathamhouse.org/2021/02/solarwinds-hack-valuable-lesson-cybersecurity

Share this article
RESEARCH EXPERTS EVENTS MEMBERSHIP ACADEMY ABOUT

 

Latest News from
Chatham House

A new European Court of Human Rights ruling has established a vital new precedent

18/04/2024 13:10:00

The judgement shows litigation can be used to hold governments to account on their climate ambitions – but much will depend on policy outcomes.

Fiscal incontinence is going global and could pose a risk to financial stability

16/04/2024 15:10:00

While the global economy is showing signs of strong growth, public debt levels in emerging markets are rising at an alarming rate.

Iran’s attack on Israel was not the failure many claim but it has ended Israel’s isolation

16/04/2024 10:20:00

The strikes demonstrated a more assertive approach from Tehran, but the region’s security now depends on Israel’s ability to play a longer game.

The strike on Iran’s consulate in Syria could be the spark that ignites the Middle East

15/04/2024 16:10:00

Israel’s attack signalled a shift in its strategy towards Iran. Tehran’s response and the US promise of ‘ironclad’ support for Israel risks escalation of this transnational conflict.

Iran’s desire to retaliate after Israel’s Damascus strike is balanced with its need to avoid a wider conflict

15/04/2024 14:20:00

Tehran’s dilemma is finding a response that maintains its position in the ‘axis of resistance’ but does not precipitate an escalation which it would likely lose.

The US-Japan meeting reveals the conviction of both nations to counter China

15/04/2024 11:20:00

Prime Minister Kishida’s state visit to Washington focused on security, but that alone will not be enough to influence the Indo-Pacific and beyond.

India’s geopolitical heft will trump concerns over the state of democracy as it goes to the polls

12/04/2024 13:10:00

As Modi heads towards a third term, concerns about India’s imperfect democracy will matter less to the West than its potential as a bulwark against China.

Russia’s veto on UN sanctions monitoring will further embolden North Korea

09/04/2024 13:20:00

With a UN Security Council increasingly stymied by great power politics, the US and its regional allies must lead efforts to constrain an increasingly dangerous North Korea.

Is China eyeing a second military base in Africa as the US struggles to maintain one in Niger?

27/03/2024 09:20:00

China’s long-term strategy around bases in Africa is unclear, but countries hosting them must also make political calculations.

Exclusive offers, deals and discounts available to public sector staff, past and present!