Getting Ready for Retaliation Against Russia, U.S. Confronts Hacking by China

In writings and conversations over the past four years, Mr Sullivan has made it clear that he believes that traditional sanctions alone do not increase costs enough to force powers like Russia or China to talk about new rules for cyberspace.

However, government officials often fear that too strong a reaction could lead to escalation.

This is a particular problem with the Russian and Chinese attacks, in which both countries have clearly planted “back doors” into American systems that could be used for more destructive purposes.

American officials publicly say current evidence suggests that Russia’s intent in the SolarWinds attack was merely data theft. But several senior officials, who did not advocate an attribution, said they believed the size, scope, and cost of the operation suggested the Russians may have had much broader motives.

“I’m impressed with how many of these attacks undermine trust in our systems,” said Burt. “Just as there are efforts to get the country to distrust the electoral infrastructure, which is a central part of our democracy.”

Russia broke into the National Democratic Committee and state voter registration systems in 2016, mainly by guessing or obtaining passwords. However, when they hacked SolarWinds, they used a far more sophisticated technique that involved inserting code into the company’s software updates, which carried them deep into about 18,000 systems that used the network management software. Once inside, the Russians had high-level access to the systems with no passwords required.

Similarly, four years ago, a large majority of the Chinese government’s hacker attacks were carried out through email spear phishing campaigns. In recent years, China’s military hacking divisions have formed a new strategic support group, similar to the Pentagon’s Cyber Command. Some of the key hacking operations are carried out by the more secretive Ministry of State Security, China’s premier intelligence agency, which maintains a satellite network of contractors.

Beijing also began hoarding so-called zero days, bugs in the code that are unknown to software providers and for which there is no patch.

After Russian Cyberattack, In Search of Solutions and Debating Retaliation

Those testifying at the hearing included Sudhakar Ramakrishna, the new CEO of SolarWinds, who took over weeks after the breach was discovered and has since withdrawn from the intruder. He informed the Senate committee that the code had been removed from the company’s products. However, this is of little use to government agencies and companies that have already been breached, as the hackers can roam free once they are inside their target computer networks.

Mr Ramakrishna also said that SolarWinds is still unclear on how the Russian hackers got into the software it developed and embedded themselves there as early as fall 2019. When asked about the possibility that it was through JetBrains, which makes software tools that speed development and testing, Mr. Ramakrishna said there is still no evidence. The New York Times reported in January that an investigation into JetBrains was underway, but the company’s officers, some of whom are Russian, said there was no evidence.

Mr Smith, who has called for a “Geneva Digital Convention” that would create standards that preclude some types of attack, estimated that “at least a thousand very skilled, capable engineers” were involved in the hacking.

“This was an act of ruthlessness in my opinion,” he said, as it infected thousands of systems that the Russians had no interest in, to give them access to only a few. “It was done in a very indiscriminate way.”

Mr Warner, Senator Marco Rubio of Florida, the senior Republican on the committee, and others repeatedly stated that Amazon – which runs the CIA’s network cloud services and seeks other major federal contracts – was the only company that refused to join in sending senior executives to explain its role in the hacking. Amazon has not publicly said anything about what it knew about the command and control operation performed by its servers in the United States.

This is a critical problem as the hackers seem to have understood that American intelligence agencies are prohibited from investigating network activity in the United States. By initiating the attack within American borders, they took advantage of domestic privacy to avoid being detected.

Several senators said they were concerned that once such a technique was known, it would be widely used by others. “The basic question is how we missed that and what are still missing,” Mr Rubio said.