The head of U.S. Cyber Command told lawmakers Thursday the recent SolarWinds [SWI] and
Microsoft [MSFT] cyber attacks highlighted an “inability to see everything” as adversaries looked to bypass detection and launch their attacks from U.S. infrastructure.
Army Gen. Paul Nakasone, who also serves as the director of the National Security Agency, said bolstered information sharing with industry could help prevent such attacks, while noting current authorities limit Cyber Command and NSA’s ability to track such activity on domestic networks.
“What we’ve seen from both the SolarWinds and Microsoft intrusions is an increasing level of sophistication. This is a scope, a scale, a level of sophistication that we hadn’t seen previously. This isn’t simply email phishing attempts. This is the use of supply chain or this is the use of vulnerabilities we hadn’t seen before,” Nakasone said during a Senate Armed Services Committee hearing. “They’re no longer launching their attacks from different parts of the world. They understand they can come into the United States, use our infrastructure and there’s a blindspot for us not being able to see them”
Nakasone said adversaries may specifically be looking to work around Cyber Command and NSA’s ability to detect suspicious activity within U.S. borders, which is currently under the FBI’s purview.
“We, as U.S. Cyber Command or the [NSA], may see what is occurring outside of the United States, but when it comes into the United States our adversaries are moving very quickly. They understand the laws and policies we have within our nation, and so they’re utilizing our own infrastructure and our own internet service providers to create these intrusions,” Nakasone said.
While Nakasone did not explicitly advocate for new authorities for Cyber Command and NSA to track such activity, he said bolstered public-private partnerships and new laws to allow industry to understand whose on their networks could help improve information sharing.
“These attacks took place within the United States, and there are right now legal barriers and disincentives for the private sector to share information with the government. We have a difficulty as a government understanding the totality of the actual intrusion,” Nakasone said.