Biden will name the head of the cybersecurity agency after Russian hackers gain access to government accounts
U.S. President Biden is expected to appoint John C. Inglis as Chief of the Department of Homeland Security’s cybersecurity agency
US President Joe Biden is expected to appoint John C. Inglis as Chief of the Department of Homeland Security’s cybersecurity agency.
The appointment comes weeks after reports surfaced that suspected Russian hackers had gained access to government accounts.
The breached bills include those of former acting Secretary of Homeland Security Chad Wolf, the Associated Press reported.
The accounts have been opened by what is known as the SolarWinds break-in.
An investigation by the AP found new details of the breach at DHS and other agencies, including the Energy Department, where hackers had access to top officials’ schedules.
At least nine federal agencies were hacked, along with dozens of private sector companies.
The long-awaited appointment comes weeks after reports surfaced that suspected Russian hackers had gained access to government accounts
GOVT AGENCIES known to have been attacked by hackers so far
Ministry of Foreign Affairs
Ministry of Homeland Security
National Institutes of Health
Ministry of Energy
National Nuclear Security Administration
Los Alamos National Laboratory
Federal Energy Regulatory Commission
Secure transport office
In February, the CEO of SolarWinds revealed that hackers had been able to access the company’s emails for a minimum of nine months.
Hackers gained access to software created by the Texas-based company and used it as a springboard to penetrate federal government networks.
Solarwinds CEO Sudhakar Ramakrishna said the hackers had already accessed at least one of the company’s Office 365 email accounts in December 2019 and then switched to compromise other Office 365 accounts within the company.
“Some email accounts have been compromised,” Ramakrishna said to the Wall Street JournalThat led them to compromise other email accounts and, as a result, our wider ones [Office] 365 environment has been compromised. ‘
US lawmakers have labeled the extensive cyber-espionage campaign a national security emergency.
The hack, which came to light last December, hit nine federal agencies, including the FBI and the Pentagon, and numerous private companies in an unprecedented breach.
US intelligence agencies publicly attributed it to Russian state actors. Moscow has denied involvement in the hack.
The security breach occurred when hackers entered malicious code in recent versions of SolarWinds’ main software product, Orion.
SolarWinds has since revealed that they traced the hackers to October 2019, which is five months before they committed the main breach.
On October 10, 2019, the hackers are believed to have tested their ability to insert malicious code into the company’s network management software.
Another group of hackers – suspected of being linked to China – last year took advantage of an unrelated software flaw made by SolarWinds Corp. to break into US government computers.
SolarWinds has since revealed that they traced the hackers to October 2019, which is five months before they committed the main breach
President Joe Biden called Russian President Vladimir Putin on Tuesday, the White House said. In this March 10, 2011 file photo, then Vice President Joe Biden shakes hands with Putin while he was Prime Minister
Two people briefed on the matter told Reuters that FBI investigators recently discovered that the National Finance Center, a federal payroll agency within the United States Department of Agriculture (UDSA), was one of the organizations affected, raising fears that data over thousands of government employees possibly affected.
The software flaw exploited by the alleged Chinese group is unrelated to the flaw that the US accuses Russian hackers of being involved in.
Security researchers have previously said that a second group of hackers exploited SolarWinds’ software at the same time as the alleged Russian hack, but it emerged in February that China is believed to be connected.
China’s Foreign Ministry said attributing cyber attacks is a “complex technical issue” and all allegations should be backed up with evidence.
“China resolutely opposes all forms of cyber attacks and cyber theft,” he said in a statement.
The side-by-side, but believed to be unrelated, show how hackers target weaknesses in obscure but essential software products widely used by large corporations and government agencies.
Inglis served with the NSA for 28 years and served as the deputy director of the National Security Agency for eight years before retiring in 2014. It is expected to be confirmed with ease.
The position was only created late last year, and the Washington Post reported it was a job in the White House.
If this is confirmed, Inglis will likely be heavily involved in dealing with security threats from foreign actors.
He will oversee the defense of civilian agencies and assess agencies ‘cyber budgets, but will not be involved in coordinating military and intelligence agencies’ offensive cyber policies.
Biden has also created the position of Deputy National Cyber Security Advisor and hired former NSA employee Anne Neuberger.
She has coordinated the response to the Solar Winds and Microsoft Exchange hackings so far.
Neuberger’s position does not require confirmation from the Senate, but Inglis may have to wait several weeks for his appointment as a civil servant.
If Inglis, as Biden’s nomination, is confirmed, he will oversee civilian agencies’ defense and review agencies’ cyber budgets, but will not be involved in coordinating military and intelligence agencies’ offensive cyber policies.