Beyond the sheer breadth of the attack, it also reveals that government agencies are no longer the only targets of the United States’ adversaries—American businesses are, too.
“Don’t be surprised either if it emerges that private companies were hit.,” Rep. Rogers cautions. “SolarWinds says it has more than 300,000 customers, including 400 companies in the Fortune 500. That’s a lot of potential victims.”
That U.S. businesses are in the crosshairs of country’s like China and Russia requires cooperation across both the private and public sectors.
“The nation—public and private sectors—are under attack,” Rep. Roger urges. “We need to craft a truly whole-of-nation and whole-of-government approach to collective cyber defense.”
The need is urgent. The SolarWinds attack, which used malicious software updates to infiltrate systems, will likely spawn imitators, both state-sponsored and “lone wolf” criminals.
“If the U.S. doesn’t define red lines today and demonstrate that there are consequences for crossing them, we will continue to be the victim of cyberattacks. The breaches will only get worse,” Rep. Rogers concludes.