The Cybersecurity and Infrastructure Security Agency issued an emergency directive directing all agencies to disconnect SolarWinds’ Orion Network Management products from their networks to mitigate a cyber vulnerability and to date, there has been no sign of breach in the Department of Defense’s classified and non-classified networks, C4ISRNET reported Thursday.
“We continue to assess our DoD Information Networks for indicators of compromise and take targeted actions to protect our systems beyond the defensive measures we employ each day. To date, we have no evidence of compromise of the DODIN,” said Vice Adm. Nancy Norton, director of the Defense Information Systems Agency (DISA), commander of Joint Force Headquarters-DoDIN and a former Wash100 Award winner.
“We will continue to work with the whole-of-government effort to mitigate cyber threats to the nation,” added VADM Norton.
Former military information technology and cyber professionals told the publication it would take some time before officials can assess the full extent of the cyber breach’s impact.
“I couldn’t estimate on that, honestly, because … all the DoD networks are very complicated,” said Danelle Barrett, a retired Navy rear admiral and former deputy chief information officer of the Navy. “You’ve got a combination of legacy networks and more modern networks. Some things are more automated than others on those networks. So it’s going to take a lot of digging … There’s probably things that they can identify right away. It’ll be awhile before they have the whole complete picture.”