The White House has told @sarasendek, the longtime head of public affairs for @CISAgov, that her services are no longer needed, Sara tells me. Today is her last day on the job.
As a political appointee, Sendek would have left government service by Jan. 20. But she was still actively helping run CISA's response to the #SolarWinds hack as well as the agency's work in support of the Georgia runoffs.
Sendek said she had planned to stay on the job in the coming days and that she was surprised to be asked to leave by the White House.
She said she was not given a reason for her dismissal.
(To be clear, there are other public affairs professionals who will stay on at @CISAgov. So there is still a comms shop.)
• • •
Missing some Tweet in this thread? You can try to
force a refresh
"NERC regularly collects information from utilities in response to cyberthreats. But this particular questionnaire exemplifies how the hunt for information related to the suspected Russian hacking operation is very much ongoing in the private sector as it is in government."
“At this time, NERC is not aware of any known impacts to bulk power system (BPS) reliability or system outages related to the SolarWinds compromise....
An update to this story from last night: Among the Iranians' alleged attempts to sow discord after the election was a fake letter purporting to be from Chris Krebs to Matt Gorham, assistant director of the FBI's cyber division. cyberscoop.com/fbi-iran-cisa-…
.@TomBossert at @AuburnCyber event: It's "premature" to frame the #SolarWinds hack exclusively as espionage. As for the espionage side of things, “the scale and scope of this is not excusable.”
Melissa Hathaway, ex-cyber adviser to GWB & Obama, praises FireEye for its transparency in dealing with the #SolarWinds breach, but calls for SolarWinds itself to be more transparent, saying the firm is responsible for intro-ing a considerable amount of risk into the supply chain
"The world was on fire before this wind blew through," ex-NSA deputy Chris Inglis says, somewhat poetically, in reference to #SolarWinds. He cites NotPetya and election interference as previous examples of disruptive/impactful cyber operations.
ICYMI. Yesterday was a wild day of infosec news. Allow me to recap our coverage:
Dragos raised $110M from the investment arms of Koch Industries, Saudi Aramco and others. ICS security has hit the big stage: cyberscoop.com/dragos-raises-…
The Norwegians implicated Fancy Bear in the hack on Norwegian parliament. The intrusion techniques were none too fancy, though: cyberscoop.com/norwegian-poli…
FireEye says hackers stole its red-team tools, suggests state-sponsored group is to blame cyberscoop.com/fireeye-says-h…
“The FBI is investigating the incident and preliminary indications show an actor with a high level of sophistication consistent with a nation-state,” said Matt Gorham, assistant director of the FBI Cyber Division.
This is a rare case of the FBI commenting on an ongoing investigation...
NEW: Norwegian police implicate Fancy Bear in parliament hack, describe ‘brute forcing’ of email accounts cyberscoop.com/norwegian-poli…
Thanks to @martingund for the translation help. You should read his story on the Fancy Bear revelation here (in Norwegian): nrk.no/norge/storting…
Fancy Bear’s use of brute-forcing is the latest example of how so-called advanced persistent threat groups “don’t necessarily use advanced techniques,” said @likethecoins: cyberscoop.com/norwegian-poli…