White House briefing starting now. Anne Neuberger, Biden's deputy national security adviser for cyber and emerging technology, will make her first appearance at the podium. SolarWinds update? A new cyber EO? We'll find out.
Psaki says Neuberger will provide "an update on the administration's work related to SolarWinds."
Neuberger: SolarWinds campaign compromised nine federal agencies and roughly 100 companies, many of them providing services to other companies.
Neuberger: “The scope and scale of our investigation is underway, and we look forward to providing you … updates in the future.”
Neuberger says she was on the Hill last week to update lawmakers on the SolarWinds response, was there again this week, and will be back next week.
Neuberger: “There are legal barriers and disincentives to the private sector sharing information with the government. That is something we need to overcome.”
Neuberger: “We believe it took them months to plan and execute this compromise. It'll take us some time to uncover this layer by layer.”
On next steps, Neuberger says the administration is working on roughly a dozen policies to prevent a repeat attack and predicts that eight will be part of an upcoming "executive action" to address security gaps.
On potential retaliation, Neuberger notes that Russia is responsible for many other cyberattacks and says, "as we contemplate future response options, we're considering holistically what those activities were."
Asked about timetable for remediation, Neuberger says, “I think we're estimating several months, but as I said, literally, you know, day by day, hour by hour, we're making progress in understanding.”
Asked about costs, Neuberger says there are two parts: investments to improve infrastructure and impact of compromised data. “There’s certainly a cost with regard to dollars. There’s also a cost with regard to national security. And we’re bounding and understanding both.”
The impact (type of data accessed) "varies agency by agency," Neuberger says. “Certainly there is national security impact.”
Neuberger says “we believe we're in the beginning stages of understanding the scope and scale, and we may find additional compromises" especially stemming from potential hopping from hacked vendors to their customers.
One interesting thing from Neuberger's remarks: the administration doesn't want us to think of this as just standard espionage.

“The scope and scale to networks, to information, makes this more than an isolated case of espionage," Neuberger said.
She added later: “When there is a compromise of this scope & scale, both across govt & across the U.S. technology sector to lead to follow on intrusions, it is more than a single incident of espionage. It's fundamentally of concern for the ability for this to become disruptive.”
What does that mean? Well, if the access afforded by this campaign eventually allows hackers to push buttons on critical infrastructure, that's a bigger concern than regular espionage, even if the operation started as standard spying.
You can follow @ericgeller.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
Those who think consciousness raising & movement building are disconnected, or even a distraction from electoral politics have not paid attention to the history of social change.In this thread, we
Read more
The 2020s will be known as the Remote Work decadeA few predictions of what is likely to emerge[ a thread ] Third Space: Office and Working from Home will
Read more
1/29: Have you ever had a concept explained to you that helps frame complex issues you’ve been wrestling with and opens your eyes to new possibilities? A concept that I
Read more
By continuing to use the site, you are consenting to the use of cookies as explained in our Cookie Policy to improve your experience.