The SolarWinds attack: A modern-day Pearl Harbor?

To answer this burning question, senior contributor Ted Koppel sat down with leading cybersecurity experts, including IronNet’s Co-CEO General (Ret.) Keith Alexander, to gain insight into the SolarWinds/SUNBURST incident, which is speculated to be a Russian cyber attack. As Koppel notes, “When it was finally, belatedly discovered, the outrage, for a few days at least, was epic.”

While the private and public sectors have come together for rapid incident response to this egregious backdoor attack, which infected more than 18,000 corporate and government networks, the question remains: was this a traditional, massive espionage operation or a “cyber Pearl Harbor”?

Here is what General Alexander and other experts are suggesting:

  • General (Ret.) Keith Alexander: “I think the real objective is to gain information; they want insights into what’s going on in our country.” Whether the Russians have planted “cyber landmines,” which would allow the adversaries to have access to critical infrastructure, is yet to be determined.
    “There have been no insights yet as to the Russians actually setting landmines as opposed to gathering information, but we can think of this as the recon phase. During this point of intrusion, they could set up backdoors so they have a way of getting in and out of the networks.
    “You don’t necessarily have to set up [cyber] landmines at that time; you would probably keep your information on those networks down low so that it’s not detectable, and just have the backdoor capability to get in, and then do something when the need arises.”
  • Theresa Payton, former White House Chief Information Officer, points out in the segment, “This vulnerability allowed the nefarious cyber operatives to create what we refer to in the industry as ‘God access or a God door,’ basically giving them rights to do anything they want in stealth mode.”
  • Richard Clarke, the first “cyber czar” of the U.S. and current Chairman of Good Harbor cybersecurity consulting company: “This is not just about an espionage attack. This is about something called preparation of the battlefield, where they are now able, in the time of crisis, to eat the software in thousands of U.S….