Linda Liang
Name
The SolarWinds attack and its political implications: Keeping track of major cyber incidents and how states respond.
Description

The SolarWinds attack has been one of the most severe cyberattacks of its kind: a supply chain attack that compromised fifteen US and EU government agencies, and about one hundred more private companies, including cyber intelligence companies. The initiator APT29 or CozyBear, a Russian state-integrated hacker group, is known for its high sophistication and has also conducted the DNC hack in 2015 that notably influenced US elections. Besides recounting how the SolarWinds incident unravelled, the heart of the discussion will attend to the aftermath: when did Mandiant, Microsoft and SolarWinds itself report being infiltrated? How long did it take the US government to attribute the attack to Russia and issue sanctions? Which states joined in?

Zoning in on the changes in attribution behaviour of the US and European states will take us into the discussion of sanctioning violations under international law. At the same time, following the loss of trust in critical infrastructure providers, we can see a renegotiation between the government and the private sector on cybersecurity. The Deputy National Security Adviser for Cyber and Emerging Technology in the US, the EU Cyber Resilience Act, and the outcome of the US SEC complaint against SolarWinds' Chief Information Officer (CISO) all beg the next question of who is responsible for national security in the cyber realm?

Date & Time
Thursday, February 27, 2025, 2:00 PM - 2:45 PM
Theater
Keynote