The latest updates and analysis from Morrison Foerster
April 19, 2021 - Cybersecurity & Data Privacy, National Security

U.S. Government Responds to SolarWinds Hack, Seeks to Establish New Norms for Cyber Espionage

U.S. Congress Introduces Bill that Would Require Mandatory 24 Hour Cyber Breach Notification for Government Agencies, Contractors, and Operators of Critical Infrastructure

After much anticipation and hints, the U.S. Government announced a series of measures to respond to recent Russian actions against the United States, including the SolarWinds intrusion campaign. The measures underscore that companies are not in a position and should not be left to defend against nation state actors on their own, and that the U.S. Government will take steps to impose consequences and change the norms to make clear that widespread and costly intrusions on private companies are unacceptable. The initial actions taken by the U.S. Government include:

  • imposing new sanctions against Russian entities,
  • attributing the SolarWinds compromise to the Russian Foreign Intelligence Service (SVR), and
  • issuing a pair of interagency reports that provide detailed technical information about the tools and methods Russian hackers used to exploit victim networks.

Read our client alert.