Although the Department of Defense (DoD) reported that there has been no sign of breach to date linked to a cyber vulnerability involving SolarWinds’ Orion Network Management products, former cybersecurity officials at the government discussed several scenarios that could occur as a result of hackers making their way into DoD’s computer networks, C4ISRNET reported Sunday.
“If an adversary had gotten in and moved laterally, then all the network connection points — any place you have connections between networks and those trust relationships — that becomes very difficult to defend,” said Danelle Barrett, a retired U.S. Navy rear admiral, former deputy Navy CIO and cybersecurity division director.
The vulnerability of systems administrator privileges increases the risk of accounts being manipulated to gain increased access into networks.
“They’re going get in and build all sorts of backdoors that you’re not going to be able to figure out,” Barrett said. “They’re going to be able to manipulate accounts and do things and hide their tracks. You’re not going to catch them, and they’re probably still there now.”
Jan Tighe, a retired Navy vice admiral and former commander of 10th Fleet/Fleet Cyber Command, said DoD should determine the persistence of an intruder on the network and whether the adversary altered the data.
“You have data, but you don’t know if it’s really the right data in your network. Depending on what aspect of the DoD you’re in, that could be very damaging,” said Tighe, former deputy chief of naval operations for information warfare and a former Wash100 Award recipient.