Top nominees for President Biden’s Department of Homeland Security vowed to prioritize protecting critical infrastructure after SolarWinds and Colonial Pipeline cyberattacks.
The confirmation hearing for Biden’s picks for the department’s deputy secretary, general counsel and undersecretary for strategy, policy and plans — John Tien, Jonathan Meyer and Robert Silvers, respectively — came just weeks after a ransomware attack aimed at a major U.S. pipeline.
The emphasis on cybersecurity was a marked difference for senators, which asked those nominees’ predecessors cybersecurity-related questions only in passing during their confirmation hearings for the Trump administration.
By contrast, cyber issues were mentioned dozens of times at Thursday’s hearing, with a handful of lawmakers asking cybersecurity-related questions that touched on recent cyberattacks, including a breach of SolarWinds software affecting at least nine federal agencies, as well as the recent breach of Colonial Pipeline.
“Recent incidents from SolarWinds to Colonial Pipeline have only further highlighted the urgency to secure critical infrastructure and federal networks from cyber attacks,” Silvers said. “If confirmed, I will focus closely on fortifying DHS efforts on this critical work.”
Several cybersecurity-related agencies lie within DHS, including the Cybersecurity and Infrastructure Security Agency, or CISA, the U.S. government’s top civilian cybersecurity agency; the Transportation Security Agency, or TSA, which oversees pipeline security; and the Secret Service, which conducts some cybersecurity investigations.
DHS’s cyber mission is expanding as it responds to 21st century threats.
The Russia-linked hackers behind the SolarWinds cyberattack are back, according to Microsoft.
The hackers tried to target 3,000 people across 150 organizations, with at least a quarter of the targeted organizations coming from the humanitarian, human rights and international development sectors, the New York Times’ David E. Sanger and Nicole Perlroth report. Many of the emails were blocked by automated software, according to Microsoft, which also said the emails claiming to be from the U.S. Agency for International Development, also known as USAID, were identified this week. Cybersecurity firm Volexity also released details about the campaign.
Groups including two China-linked hacking groups used vulnerabilities in Pulse Secure VPN software to steal data from organizations that “operate in verticals and industries aligned with Beijing’s strategic objectives,” CyberScoop’s Sean Lyngaas reports. The report by FireEye sheds new light on the hacking campaigns, which FireEye first announced last month.