May 20, 2021
SolarWinds Hack – A Wake Up Call to Get Cyber Right
Dr. David Bray, Director of the GeoTech Center, and Dr. Divya Chander, Nonresident Senior Fellow at the GeoTech Center, joined the GovCon DIFFERENT podcast to discuss the far-reaching implications of the SolarWinds hack. The Biden administration classified the breach as an intelligence operation, but “if this was an attack,” David argues, “this was an an attack on the public’s trust.” Indeed, the SolarWinds incident exposed colossal weaknesses in the US digital ecosystem— from the legacy systems used by most federal agencies to critical infrastructure and sophisticated cloud environments.
Future attacks will only be more devastating. To illustrate this point, Dr. Chander pointed to vulnerabilities recently discovered in Medtronic pacemakers, which would enable a similar SolarWinds-style supply chain attack with potentially deadly consequences. Equally consequential hacks will also become more frequent with the proliferation of IoT-enabled devices and the rise of synthetic bio. According to David, “the way we do cybersecurity will just not scale at that point.” To be sure, updating outdated systems, digital literacy campaigns, and adopting teams with humans as well as machines represent first steps towards strengthening US cybersecurity. However, as Dr. Chander argues, we ultimately need alternate methodologies and architectures altogether. It is now incumbent upon policymakers to seize on the SolarWinds breach as a wake up call to address emerging cyber threats.
Watch a video recap at the link below or listen to the full episode here.