Officials urge Biden to appoint cyber leaders after SolarWinds, Microsoft hacks

Homeland Security Secretary Alejandro Mayorkas and leading lawmakers on Wednesday urged President Biden to nominate officials to lead federal cybersecurity policy, particularly as the government continues to grapple with the fallout from two massive cyber espionage attacks. 

Mayorkas was questioned by lawmakers about the progress on Biden nominating an individual to fill the director position for the Cybersecurity and Infrastructure Security Agency (CISA), which has not had a Senate-confirmed leader since former President Trump fired then-Director Christopher Krebs in November. 

“We are very focused on filling the vacancies of leadership across the department, it’s an issue that I work with the White House on every single week, and as a matter of fact, I had a conversation yesterday on that very subject,” Mayorkas testified to the House Homeland Security Committee. “I will say that yes we do need a politically appointed, Senate-confirmed leadership in a number of positions throughout the Department of Homeland Security.”

Mayorkas praised current Acting CISA Director Brandon Wales for his leadership, but noted he “agreed” with the need for there to be a Senate-confirmed leader when asked by Homeland Security Committee ranking member John Katko (R-N.Y.). Katko sent a letter to Biden last week urging him to nominate a CISA director. 

Mayorkas’s comments come as the federal government is grappling with two major nation-state cyber espionage incidents, with CISA taking a leading role in the response.

The first incident, which has become known as the SolarWinds hack, involved likely Russian hackers infiltrating at least nine federal agencies and 100 private sector groups since at least March 2020.

Microsoft complicated matters further earlier this month when it announced that a Chinese state-sponsored hacking group had exploited previously unknown vulnerabilities in its Exchange Server program, with hundreds of thousands of government and private sector groups worldwide put at risk. 

CISA is among the four federal agencies that has been designated to respond to both the incidents.

Mayorkas confirmed in written testimony Wednesday that DHS had been breached by the hackers in the SolarWinds case.

“DHS’s own networks were compromised by the campaign exploiting SolarWinds, but the Department was able to continue to execute its mission,” Mayorkas said. “While our public-facing services were not affected and we no longer see indicators of compromise on our networks, we have more work to do to fully secure our network against future attacks. DHS networks and cybersecurity best practices should be a model for other civilian agencies.”

The issue of the opening at the helm of CISA comes as Biden has also not yet announced a nominee to serve as national cyber director at the White House, a Senate-confirmed position established as part of the most recent National Defense Authorization Act (NDAA). 

White House press secretary Jen Psaki told reporters earlier this week that the administration is currently undertaking a 60-day review of the position, which marks a reestablishment and elevation of the cyber coordinator position eliminated in 2018 under the Trump administration.

Sen. Angus King (I-Maine), one of the key lawmakers who fought for the clause to establish the cyber czar in the NDAA, pointed Wednesday to the SolarWinds and Microsoft hacks as underlining the need to nominate officials for both the CISA and White House positions. 

“It may be that we are losing valuable time…let’s name a national cyber director, send the nomination up here, and in the meantime the White House can work on establishment of the office,” King told reporters during a phone call. 

“We really have to have an entirely new way of thinking about the conflict, we think about wars as being between armies, this is a case where the conflict from the outset will involve the private sector,” he stressed on foreign cyber threats. “They are not going to send troops to attack Washington, they are going to send bots to attack the Northeast power grid.”

Biden did appoint Anne Neuberger, the former cybersecurity lead at the National Security Agency, to serve as his deputy national security advisor for Cyber and Emerging Technology. Neuberger is currently serving as the lead in the White House on coordinating response to both cyberattacks.

King praised Neuberger’s leadership, but pointed out that her position is not a solid one, as it could be eliminated by national security advisor Jake Sullivan at any time. 

“I keep saying nice things about Anne Neuberger, and I mean that, but she is a staff member of the National Security Council, and her position could disappear tomorrow,” King said. “This is such a critical area, it deserves a very senior level appointee.”