At WH briefing, national security adviser Jake Sullivan says the U.S. is "still gathering information" about the "scope and scale" of the Microsoft Exchange hacking campaign.
Sullivan: "The precise number of systems that have been exposed by this vulnerability and have been exploited, either by non-state threat actors or ransomware hackers or others, that is something that we are urgently working with the private sector to determine."
Sullivan: "It is certainly the case that malign actors are still in some of these Microsoft Exchange systems, which is why we have pushed so hard to get those systems patched, to get remediation underway."
Sullivan: "The U.S. government is mobilizing a robust, whole-of-government response to it. Ultimately, a lot of this comes down to the private sector taking the steps that they need to take to remediate and we will give them everything we can to help them be able to do so."
On attributing Exchange, Sullivan says, "I'm not in a position standing here today to provide attribution, but I do pledge to you that we will be in a position to attribute that attack at some point in the near future."
"We won't hide the ball on that," Sullivan says of attributing the Exchange campaign. "We will come forward and say who we believe perpetrated the attack."
Sullivan also announced that the U.S., India, Australia, and Japan will create working groups on cyber and emerging technologies, among others, following today's "Quad" meeting of the four countries' leaders.
Sullivan: "The impetus behind this new cyber working group is not [SolarWinds and Exchange], both of which the United States is responding to with urgency, but also cyberattacks that have hit Japan, India and Australia just in the past few weeks and months."
Sullivan: "This is a common challenge that we face from both state actors and non-state actors, and we do intend to make the Quad a central vehicle for cooperation on cyber."
• • •
Missing some Tweet in this thread? You can try to
force a refresh
One year ago today, the WHO declared the coronavirus a pandemic, Tom Hanks got Covid, schools and sports shut down, and normal life in America evaporated for everyone not already working from home.
NBC just published a great collection of people's last "normal" photos, and they are absolutely haunting. nbcnews.com/specials/the-l…
"The cascade of announcements felt like a turning point in the crisis ... Ordinary life in many places will no longer be the same for the foreseeable future as society adjusts to a new reality that transforms everything..."
The House Appropriations homeland security subcommittee is about to start a hearing on "Modernizing the Federal Civilian Approach to Cybersecurity" with acting CISA chief Brandon Wales and new CISA Cyber Division head Eric Goldstein.
Wales and Goldstein will tell Congress that CISA needs better "visibility into agency cloud
environments and end-points," esp. in light of remote work. And they'll announce work with NIST on a "common baseline" of security rules, esp. for logging. docs.house.gov/meetings/AP/AP…
Wales and Goldstein, whose agency is dealing with SolarWinds and Exchange on top of its regular work, will also deliver this warning to appropriators: CISA's "incident response resources must be fortified now to ensure that we will not be overwhelmed in the future."
@Grace_Segers, @byrdinator, and I deliver on our show's name with a truly hoth take: Attack of the Clones gets too much hate and actually has a bunch of fun stuff in it. 😱🔥
One of the three men charged was previously charged in connection with this activity in 2018: justice.gov/opa/pr/north-k…
"The DPRK cyber threat has followed the money and turned its revenue-generation sights on the most cutting-edge aspects of international finance, including through the theft of cryptocurrency from exchanges and other financial institutions," AAG John Demers says on press call.
Scoop: The public-private ICT supply chain security task force plans to craft a legislative proposal to improve information sharing, including liability protections. Task force has found companies are afraid of vendors suing them for sharing info on risks. subscriber.politicopro.com/article/2021/0…
The supply chain task force approved the plan to develop an info sharing proposal at its 2/12 meeting, along w/ other projects (stay tuned for more on those).
The task force won't send its proposal directly to WH or Congress but will find other parties best positioned to do so.
"We wouldn't do the advocacy per se," a person involved in the task force's work said of the info sharing proposal. "We would provide the analysis and the motivation for [that advocacy]."
Naturally, this storm is worsening our already dysfunctional vaccine rollout process.
"Dallas hit 5 degrees on Monday morning, its coldest reading since 1989. ... In Dallas the average high on Feb. 14 is about 58 degrees, the average low 42 degrees."