Federal Cybersecurity – America’s Data Still At Risk
Securing Federal networks has never been more important. Federal agencies maintain the personal information of millions of Americans who have no say in how that information is maintained and protected. Despite legal requirements for Federal agencies to secure their networks, they repeatedly fail to do so—this includes not implementing basic cybersecurity hygiene practices and protecting the sensitive information entrusted to them.
The current state of cyber espionage. In the past two years, state-sponsored hackers have perpetrated some of the largest and most damaging cyber-attacks in our history. In December 2020, we learned that the Russian Foreign Intelligence Service used a sophisticated supply chain vulnerability to corrupt a security patch for SolarWinds network management software. This allowed hackers to infiltrate nine Federal agencies, including DHS, State, Energy, and Treasury. Russia’s cyber-spies remained undetected in those Federal agencies’ systems for at least nine months. The Federal Government only became aware of the attack after it was discovered by a private cybersecurity firm, FireEye, which was also breached. The Federal Government is still working to understand exactly what information and data Russia accessed during those nine months.