Federal agencies realized the importance of government-industry collaboration while responding to the cyberattacks on SolarWinds’ network monitoring software and Microsoft’s Exchange email service, according to a Government Accountability Office report.
GAO found that the Cyber Unified Coordination Groups’ role as a central discussion forum helped agencies and companies work together during incident response efforts.
The government audit agency sought information from the 24 CFO Act agencies on lessons learned from the Russia-linked SolarWinds breach in late 2020 and the Microsoft Exchange server compromise that was attributed to China last year.
Agencies received joint advisories from the Cybersecurity and Infrastructure Security Agency, the FBI and the National Security Agency to help government personnel understand the malicious campaigns and implement measures to fix vulnerabilities associated with the two large-scale breaches.
However, agencies experienced coordination and response challenges due to some information sharing and evidence gathering practices, GAO noted.