Excerpt:
Brandon Wales, the acting director of CISA, the US Cybersecurity and Infrastructure Agency, says that it will be well into 2022 before officials have fully secured the government networks compromised by Russian hackers. The list includes at least nine federal agencies, including the Department of Homeland Security and the State Department. Even fully understanding the extent of the damage will take months.
“I wouldn’t call this simple,” Wales says. “There are two phases for response to this incident. There is the short-term remediation effort, where we look to remove the adversary from the network, shutting down accounts they control, and shutting down entry points the adversary used to access networks. But given the amount of time they were inside these networks—months—strategic recovery will take time.”
Author(s): Patrick Howell O’Neill
Publication Date: 2 March 2021
Publication Site: MIT Technology Review