Biden Likely to Take Executive Action on SolarWinds Hack

(TNS) — President Joe Biden is likely to address the various security gaps that led to the SolarWinds hack that has thus far exposed at least nine U.S. federal agencies and about 100 U.S. companies, Anne Neuberger, the White House deputy national security adviser for cyber and emerging technology, said Wednesday.

“We are working on close to about a dozen things; likely eight will pass. They’ll be part of an upcoming executive action to address the gaps we’ve identified in our review of this incident,” Neuberger said at her first White House briefing since being named to coordinate the U.S. government response to the hack.

Those actions are part of a three-step process to find and remove malware, fix gaps in security and design a response, Neuberger said.

Cybersecurity experts have said the hack is one of the most devastating cyberattacks ever perpetrated. Russian intelligence agency hackers are said to have gained access to servers belonging to network computer management software maker SolarWinds and inserted malware into the software that was then downloaded by at least 18,000 customers of the company, including U.S. government agencies and Fortune 500 companies.

The cleanup effort could take months and could identify more victims, even as new attacks emerge, Neuberger said.

“The scale of the potential access far exceeded the number of known compromises,” she said. “Many of the private sector compromises are technology companies, including networks of companies whose products could be used to launch additional intrusions.

“We believe we’re in the beginning stages of understanding the scope and scale, and we may find additional compromises,” she said.

Files, emails and other material on the networks of companies and agencies that have been affected may be compromised, and the investigation underway…