[20201221]IN11559_太阳风攻击不容易修复.pdf

CRS INSIGHT Prepared for Members and Committees of Congress INSIGHTINSIGHTi i SolarWinds AttackNo Easy Fix Updated December 21, 2020 On December 13, 2020, the cybersecurity firm FireEye published research that a malicious actor was exploiting a supply chain vulnerability in SolarWinds products to hack into government and private sector information technology (IT) networks. SolarWinds confirmed the security incident. The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive requiring federal agencies to remove certain SolarWinds products from agency networks. Media initially reported that the U.S. Treasury and Commerce departments were susceptible to this attack; subsequent reports added additional agencies. The list of compromised agencies and companies is expected to expand. As private sector and government researchers continue investigating this incident, the cybersecurity community expects to learn more about the attack, the adversary, their targets, compromised data and systems, and ways to recover from the incident. This Insight provides an overview of the incident, federal response, and policy considerations. The Attack SolarWinds (Austin, TX)