Reactions have come in from the foreign policy experts to last week’s move by the Biden administration to punish Russia for the SolarWinds hack. As covered in the Wall Street Journal, this is a significant change with previous foreign policy that has tolerated cyber espionage. Administration officials deemed this hack beyond the boundaries of acceptable cyber operations because of the scope and scale.
In that vein, Senator Mark Warner has called for coordination between the EU and US over common cyber security standards. “I increasingly believe that our failure to have any kinds of joint cybersecurity policies or even joint cybersecurity norms could be something that could really be potentially devastating,”, the senator said.
The White House is closing its coordinating groups for the SolarWinds and Exchange hacking campaigns, as announced on Monday. This is a signal of a return to normalcy.
Also released, a NSA-CISA-FBI advisory that details the tradecraft, and a CISA Malware Analysis Report. The NSA-CISA-FBI advisory centralizes information about vulnerabilities the SVR is known to have exploited and provides recommendations regarding potential mitigation actions that entities can take. The Malware Analysis Report (MAR) provides a more granular assessment of the tools the SVR used in the SolarWinds compromise, including detailed analyses of 18 files associated with the compromise
Why do we care?
Norms and standards about cyber are changing at a nation state level. Yesterday we covered the NATO wargames, and here you see more. Politicians calling for coordination, and changes in policy. We care because policy is a portion of regulation, which is going to influence how we all operate in that realm.
Tactically, we can mark the end of the incidents from a governmental perspective. And we have that full report for engineers to dig into to understand how the breach happened. You have your homework.