<p>This is a positive, welcome step towards adding more friction to Russian operations. Simply naming the SVR, as well as the corporations that support it will inform our defense. Unfortunately, we are unlikely to fully deter cyber espionage and we will have to take serious action to better defend ourselves from inevitable future intrusions.</p>
<p>The new US Administration took action on Russia today via a White House (WH) Executive Order (EO) punishing them for their nefarious actions in cyberspace and their occupation of Crimea. Sanctions were put in place on specific entities and individuals along with expelling a number of Russian diplomats in Washington DC. One of the more interesting notes from the EO was the specific calling out of the Russian Foreign Intelligence Service as the perpetrator of the SolarWinds supply chain breach with a high confidence level. That level of confidence in attribution from the WH is notable since it hasn’t happened as frequently as the cyber defender community would like to see. In relation to the same EO, the US FBI today also released actions for defenders to take to protect themselves from ongoing Russian activity in cyberspace impacting vulnerabilities in a number of products.<u></u><u></u></p> <p><u></u> <u></u></p> <p>The impact from all the actions taken by the US government? It’s undetermined at this point in time. Although the actions today are badly needed by the US and its allies to hopefully counter Russian aggression, many past efforts, sanctions, and plans, have had little impact. Actions by Russian and Chinese state based actors or their proxies (and other nations) have been taking place for many years and efforts in the past to counter them have stuttered, stalled, or just completely failed. A close-knit global effort is required to have an impact on these government actors and entities to stop their IP theft, meddling in elections, and compromising critical infrastructure. <u></u><u></u></p> <p><u></u> <u></u></p> <p>It’s readily apparent that many nations simply do not have the stomach to stand up to these attacking nations for a number of reasons including their own reliance on them for fossil fuels, technology, and other resources. Unless we are willing to make them an island via isolation, these types of actions will likely continue. The effort from the US government should be applauded for calling them out, however the impact may end up being minimal.</p>
Last edited 3 years ago by Tony Cole
Joseph Carson , Chief Security Scientist & Advisory CISO
April 16, 2021 4:12 pm
<p>For me this is not a surprise though lack of clear attribution is always vague in such news, so I believe the more we learn about the attribution the more concrete accountability and action can be taken. The good news in the statement fact sheet is the part where the US government support a Global Cybersecurity Approach – no single country alone can win against cybercrime and cyberattacks. </p> <p> </p> <p>A collaborative approach is the only way to tackle cybercrime where countries work together with transparency, holding those countries whom provide safe havens for cyber terrorism accountable with strong actions will be the only way to reduce future cyberattacks.</p>
<p>This is a positive, welcome step towards adding more friction to Russian operations. Simply naming the SVR, as well as the corporations that support it will inform our defense. Unfortunately, we are unlikely to fully deter cyber espionage and we will have to take serious action to better defend ourselves from inevitable future intrusions.</p>
<p>The new US Administration took action on Russia today via a White House (WH) Executive Order (EO) punishing them for their nefarious actions in cyberspace and their occupation of Crimea. Sanctions were put in place on specific entities and individuals along with expelling a number of Russian diplomats in Washington DC. One of the more interesting notes from the EO was the specific calling out of the Russian Foreign Intelligence Service as the perpetrator of the SolarWinds supply chain breach with a high confidence level. That level of confidence in attribution from the WH is notable since it hasn’t happened as frequently as the cyber defender community would like to see. In relation to the same EO, the US FBI today also released actions for defenders to take to protect themselves from ongoing Russian activity in cyberspace impacting vulnerabilities in a number of products.<u></u><u></u></p> <p><u></u> <u></u></p> <p>The impact from all the actions taken by the US government? It’s undetermined at this point in time. Although the actions today are badly needed by the US and its allies to hopefully counter Russian aggression, many past efforts, sanctions, and plans, have had little impact. Actions by Russian and Chinese state based actors or their proxies (and other nations) have been taking place for many years and efforts in the past to counter them have stuttered, stalled, or just completely failed. A close-knit global effort is required to have an impact on these government actors and entities to stop their IP theft, meddling in elections, and compromising critical infrastructure. <u></u><u></u></p> <p><u></u> <u></u></p> <p>It’s readily apparent that many nations simply do not have the stomach to stand up to these attacking nations for a number of reasons including their own reliance on them for fossil fuels, technology, and other resources. Unless we are willing to make them an island via isolation, these types of actions will likely continue. The effort from the US government should be applauded for calling them out, however the impact may end up being minimal.</p>
<p>For me this is not a surprise though lack of clear attribution is always vague in such news, so I believe the more we learn about the attribution the more concrete accountability and action can be taken. The good news in the statement fact sheet is the part where the US government support a Global Cybersecurity Approach – no single country alone can win against cybercrime and cyberattacks. </p> <p> </p> <p>A collaborative approach is the only way to tackle cybercrime where countries work together with transparency, holding those countries whom provide safe havens for cyber terrorism accountable with strong actions will be the only way to reduce future cyberattacks.</p>