WASHINGTON — The U.S. government's response to a massive hack of government and corporate networks has been "disjointed and disorganized," according to the leaders of the Senate Intelligence Committee, who had urged the Biden administration Tuesday to appoint someone to lead the effort.
On Wednesday, Sens. Mark Warner, D-Va., and Marco Rubio, R-Fla., issued a second statement after the White House said Anne Neuberger, the deputy national security adviser for cyber policy, would be the point person.
"The federal government's response to date to the SolarWinds breach has lacked the leadership and coordination warranted by a significant cyber event, so it is welcome news that the Biden administration has selected Anne Neuberger to lead the response, the statement said. "The Committee looks forward to getting regular briefings from Ms. Neuberger and working with her to ensure we fully confront and mitigate this incident as quickly as possible."
Experts say it might take months to oust the hackers from government networks, and the senators said in their letter that the threat the breach continues to pose requires a single leader "who has the authority to coordinate the response, set priorities, and direct resources to where they are needed."
The SolarWinds hack was first reported Dec. 13, when officials said hackers believed to be working for the Russian SVR spy agency compromised SolarWinds software that is used by most Fortune 500 companies and much of the federal government.
In a statement to NBC News late Tuesday, National Security Council spokeswoman Emily Horne said Neuberger was leading the Biden administration's response.
"Since day one, she has been running an interagency process on SolarWinds," Horne said. "In the first weeks of the Biden administration DNSA Neuberger has held a series of consultations with both Democratic and Republican members of Congress on our approach to SolarWinds specifically and our cybersecurity strategy broadly. We look forward to continuing to work with Congress on these issues."
Although as many as 18,000 entities downloaded compromised SolarWinds software that made them vulnerable, the hackers are believed to have gained entry to the networks of a selected group of targets, including the departments of Defense, State, Energy, Justice and the Treasury, as well as the cybersecurity firm FireEye.
Current and former intelligence officials said they consider the hack an espionage operation, but some say the scale and methods — compromising the so-called software supply chain in a way that made thousands of networks vulnerable — were larger and more indiscriminate than what the U.S. would do in its cyber spying efforts. Nonetheless, there are no international rules for espionage, and it's not clear how the Biden administration intends to respond to penalize Russia or whether it will do so at all.
The U.S. government's internal response may have been hampered in part because President Donald Trump fired the top cybersecurity official, Christopher Krebs, in November after he publicly rejected Trump's false claims of election fraud.
In addition, a presidential transition is generally a difficult time for the government to take swift and decisive action, because top officials leave office and new appointees take time to get acclimated.
"The briefings we have received convey a disjointed and disorganized response to confronting the breach," Warner and Rubio said in their letter, which was addressed to National Intelligence Director Avril Haines, National Security Agency Director Paul Nakasone, FBI Director Christopher Wray and Brandon Wales, acting director of the Cybersecurity and Infrastructure Security Agency.