
The President Ordered a Board to Probe a Massive Russian Cyberattack. It Never Did.

🌈 Abstract

The article discusses the Cyber Safety Review Board, a new government board tasked with investigating major cybersecurity incidents, and its failure to investigate the SolarWinds hack as directed by the White House. It examines the board's structure, mandate, and decisions, as well as the implications of its actions.

🙋 Q&A

[01] The Cyber Safety Review Board

1. What is the purpose of the Cyber Safety Review Board?

  • The board was created to help address the serious threat posed to the U.S. economy and national security by sophisticated hackers who consistently penetrate government and corporate systems.
  • It was modeled after the National Transportation Safety Board, which investigates and issues public reports on the causes and lessons learned from major aviation accidents.

2. What are the key issues with the structure and mandate of the Cyber Safety Review Board?

  • The board is not independent: it is housed within the Department of Homeland Security, and its chair and vice chair have ties to the government and the tech industry.
  • It does not have full-time staff, subpoena power, or dedicated funding, unlike the NTSB model it was based on.
  • The executive order that created the board limited its powers, such as not allowing it to allocate funding or grant subpoena power.

3. Why did the board decline to investigate the SolarWinds hack as directed by the White House?

  • The board chair, Rob Silvers, said the SolarWinds attack had already been "closely studied" by the public and private sectors, and the board wanted to focus on reviews where there was more insight to be gained.
  • This decision meant there was no public examination by the government of the unaddressed security issue at Microsoft that was exploited by the Russian hackers in the SolarWinds attack.

[02] The Implications of the Board's Decisions

1. How did the board's failure to investigate SolarWinds impact the later Chinese-led hack that exploited Microsoft vulnerabilities?

  • Cybersecurity experts and elected officials argue that a thorough review of SolarWinds could have exposed Microsoft's security failings and led to changes that may have prevented or mitigated the later Chinese-led hack.
  • Senator Ron Wyden expressed concern that the board's decision not to investigate SolarWinds was due to a reluctance to examine government agencies' role in failing to prevent the attack.

2. How did the Government Accountability Office (GAO) assess the board's fulfillment of its mandate?

  • The GAO initially found that the board had failed to fulfill its mandate to review SolarWinds, but later accepted the board's argument that it had met the intent through other government reports.
  • This decision by the GAO has been criticized by cybersecurity experts, who argue that a board report would have provided a more detailed, public accounting of the SolarWinds attack.

3. What changes has the board recommended, and what are the challenges it faces?

  • After the 2023 Chinese-led hack, the board issued a scathing report on Microsoft's security failures, leading to the company announcing changes.
  • The Department of Homeland Security has proposed legislation to make the board permanent, with dedicated funding and limited subpoena power, but this has not yet been introduced.
  • Experts continue to advocate for the board to become an independent government agency, as originally envisioned, to improve its effectiveness and independence.
Shared by Daniel Chen · © 2024 NewMotor Inc.