By Justin Katz
Feb 24, 2021
Einstein, a core component of the government s National Cybersecurity Protection System, was unable to stop the Solarwinds compromise because it focuses on attacks coming from outside the network, according to the acting director of the Cybersecurity and Infrastructure Security Agency. CISA is exploring ways to monitor internal anomalous activities, such as a network management system communicating through an encrypted channel to an entity outside the network, Brandon Wales, acting CISA chief, said at a Feb. 18 event hosted by the Business Council for International Understanding. There are things that clearly need to be done to enhance our ability to stop attacks like this in the future. One that we are working on is better insights and visibility into the end points, he said.
As the Defense Department looks to buy more services, it s going to need to come up with action plans to better account for spending in future years, according to a recent Government Accountability Office report.
By Justin Katz
Feb 24, 2021
Brad Smith, president of Microsoft, told a panel of senators on Tuesday that his company estimates the cybersecurity breach of nine federal agencies and 100 private companies likely took at least a thousand skilled and capable people to pull off. At Microsoft as we worked with customers that had been impacted by this, we stepped back and just analyzed all of the engineering steps that we had seen and we asked ourselves how many engineers do we believed had worked on this collective effort and the answer we came to was at least a thousand,” Smith told the Senate Select Committee on Intelligence. I should say at least a thousand very skilled, capable engineers. So we haven’t seen this kind of sophistication matched with this kind of scale, he added.