Sens. Seek Info on Cyber Defenses and EINSTEIN Limitations – MeriTalk
In a letter to top Federal cybersecurity experts, Homeland Security and Governmental Affairs Chairman Sen. Gary Peters, D-Mich., and Sen. Rob Portman, R-Ohio, ranking member on the committee, are requesting information on how U.S. cyber defenses were unprepared for the recent SolarWinds Orion and Microsoft Exchange compromises and on the limitations of the EINSTEIN system.
“As our hearing highlighted, there is no easy solution to advanced persistent cyber threats,” the senators wrote. “Time and again this Committee has discussed the challenges of defending against sophisticated, well-resourced, and patient cyber adversaries. Nevertheless, the fact remains that despite significant investments in cyber defenses, the federal government did not initially detect this cyber-attack.”
Acting Director of the Cybersecurity and Infrastructure Security Agency (CISA) Brandon Wales and Federal CISO at the Office of Management and Budget (OMB) Chris DeRusha were each sent a letter. The two experts recently gave testimony to the committee as part of their investigation into the hacks.
The hearing also highlighted limitations of the EINSTEIN intrusion detection and intrusion prevention system, which “sits on the perimeter of civilian Federal agencies’ computer networks.” With the authorization for the Department of Homeland Security to operate EINSTEIN lapsing on Dec. 18, 2022, the senators want to work with CISA on determining whether and how to reauthorize the program to address limitations.
“Mitigating vulnerabilities and reducing legacy information technology that serve as open doors to malicious hackers is also important, the senators wrote. “So will be deterrence efforts that create real-world consequences for cyber-attacks against the United States— investigation, attribution, prosecution, and sanctions.”
They added that “at the national level, our cybersecurity strategy will require careful consideration of the appropriate role of the Federal government, companies, and citizens in cyber defense, especially when it comes to nation-state actors with near unlimited resources and time.”
