The SolarWinds Cyberattack

The Department of Homeland Security (DHS) is the icon of cybersecurity in the country; hence, the news of a cyberattack on its systems sends waves of panic and nostalgia across the country. The DHS and its constituents are mandated to uphold cybersecurity resilience across the nation’s information technology infrastructure, to identify damaging cyber activity, and to implement advanced solutions. Therefore, when the malware from Russia was detected in December 2020 and believed to have been running for months, the robustness of the DHS’s cybersecurity protection was called into question. Because it was one of the most recent and sophisticated cyberattacks, one that went beyond the cyberespionage campaign, it is necessary to understand its magnitude, its effects, and how the DHS was involved in addressing the situation.

The attackers, whom the Cybersecurity and Infrastructure Security Agency (CISA) regarded as having shown elaborate tradecraft, operational security, and patience, managed to attack the DHS through Orion, a software product of the SolarWinds company. Orion is a performance monitoring application that businesses use to check their infrastructure. Even though infiltration had happened much earlier, it was not until December 12, 2020, that it was discovered. FireEye, a private cybersecurity company, noticed malware that came to be known as the Sunburst malware (New York Department of Financial Services, 2021). The cyberattack took the form of cyber espionage that had run for months; it thereby exposed national details to an unknown extent. The Russians, who were the perpetrators of the cyberattack, had managed to gain access to valuable and sensitive networks for at least six months, as they had utilized sophisticated techniques not previously known to America’s cybersecurity team (Johnson & Bomet, 2020).
It is believed that after infiltrating customer systems, the hackers, who had spying objectives on particular subjects, removed the malware from the SolarWinds software but stayed on the company’s customer systems. The essence of the malware was to spy on the target, and by the time it was discovered, it had become a multidimensional problem that would require more time to address. It compromised the data of federal, state, and local government agencies as well as that of private organizations and American citizens, all of whom were customers of the SolarWinds company. The magnitude of its effects had not been well understood by the time it was discovered, but experts stated that since it was a developing situation, the effects could be discovered over the years (Marelli, 2022). It was also postulated, according to a statement by Bosset, that it could take years before the networks regained their level of security (Jibilian & Canales, 2021). Given the kind of access the attackers had for at least six months, the hackers could terminate or modify data while impersonating government officials. The attack, whose perpetrators are believed to have originated from Russia and to have involved top government officials, resulted in strained relationships between the two states, as the U.S. placed sanctions on around 12 Russian intelligence officials for their involvement in the SolarWinds attack.

All the same, there was a gain from the SolarWinds attack, as it led to a more robust association between the federal government and the private industry. FireEye, the private company that detected the malware, surpassed the U.S. Cyber Command, which is well funded to cushion American networks. The private sector was involved through supplemented efforts by the federal government to eliminate bad foreign actors and national attacks (Jibilian & Canales, 2021).
Consequently, the move creates an opportunity for improved collaboration between the government and corporations while ensuring they are well funded to install and use state-of-the-art technologies that enhance the cybersecurity of their systems (Willett, 2021). As a result, the cybersecurity strategic response team increased and was diversified.

The proposed immediate interventions involved disconnecting and patching to remove the malware, as well as decommissioning Orion in favor of an alternative product. Government users were asked to disconnect the already compromised SolarWinds software as an immediate response because it had been used as the channel for infiltrating various American government agencies, including the DHS (Stubbs et al., 2020). The New York Department of Financial Services (2021) reports that SolarWinds released patches to remove the malware within 2-3 days. Nonetheless, some users opted to decommission Orion and use an alternative monitoring product for their businesses, although adopting effective cybersecurity measures is the most important solution.

Nonetheless, a bill by Representative Don Bacon (NE-02) that gained the approval of the Homeland Security Committee is meant to ensure continued activity against cyberattacks by anticipating possible invasions. Given that the SolarWinds attack had targeted the private sector to reach the government, the bill is meant to protect the private industry from cyber espionage (“Bacon’s DHS cyber security bill,” 2022). Consequently, this would help to uphold the cyberespionage campaign whose developments were unclear due to the unfathomable intrusions, such as that of the SolarWinds company. The bill is meant to give the DHS the power to consistently review cybersecurity policies and develop response plans to ensure the federal response system stays updated in alignment with evolving cyberattack threats. The bill is ...
