The SolarWinds hack, one of the largest cybersecurity incidents in U.S. history, may have been deterred or minimized if basic security measures had been put in place, a top government official acknowledged earlier this month.
In a June 3 letter to Sen. Ron Wyden (D-Ore.) provided to The Hill on Monday, Cybersecurity and Infrastructure Security Agency (CISA) acting Director Brandon Wales agreed with Wyden, who had asked whether firewalls placed in victim agency systems could have helped block the malware used in the SolarWinds attack.
“CISA agrees that a firewall blocking all outgoing connections to the internet would have neutralized the malware,” Wales wrote.
He stressed, however, that while the agency “did observe victim networks with this configuration that successfully blocked connection attempts and had no follow-on exploitation, the effectiveness of this preventative measure is not applicable to all types of intrusions and may not be feasible given operational requirements for some agencies.”
Wales said that CISA does not have numbers on how many federal agencies were segmenting and segregating their networks, a key security guideline the agency has long recommended as a way to prevent hackers from moving through sensitive networks.
He also emphasized that CISA is making “urgent improvements” to increase its understanding of cyber threats to federal networks, including using some of the $650 million included in the American Rescue Plan Act to move security protections inside of agency networks instead of just guarding the perimeters.
“We must ensure the development of a modern cybersecurity governance structure and capabilities,” Wales wrote. “We need cybersecurity tools and services that provide us a better chance of detecting the most sophisticated attacks. And we need to rethink our approach to managing cybersecurity across 101 Federal Civilian Executive Branch agencies.”
Reuters first reported the letter and its findings Monday.