Anne Neuberger, a Jewish Orthodox woman who serves as the top White House cybersecurity official, gave her first press briefing Wednesday since joining the Biden administration.
Neuberger, who holds the post of deputy national security adviser for cyber and emerging technology, addressed a major cyber breach likely carried out by Russia that she said accessed files and emails from at least nine government agencies and about 100 private companies.
She also warned that the danger has not passed, because the hackers breached networks of technology companies whose products could be used to launch additional intrusions.
A task force is investigating the extent of the damage from the breach, assessing potential responses and trying to confirm the identity of whoever was behind it — a process Neuberger warned will take more time.
“This is a sophisticated actor who did their best to hide their tracks,” she told reporters at the White House. “We believe it took them months to plan and execute this compromise. It will take us some time to uncover this layer by layer.”
US authorities have said the breach, disclosed in December, appeared to be the work of Russian hackers. Neuberger, who was appointed by US President Joe Biden this month, went no further.
“An advanced, persistent threat actor — likely of Russian origin — was responsible,” she said, without providing any further details and sounding a cryptic note on potential responses.
“This isn’t the only case of malicious cyber activity of likely Russian origin, either for us or for our allies and partners,” Neuberger added. “So, as we contemplate future response options, we are considering holistically what those activities were.”
The Russian government has denied involvement.
Private security company FireEye was first to identify the breach, revealing that hackers hijacked widely used network software from SolarWinds Inc. to install malicious software through what appeared to be a routine security update.
Intelligence agencies did not detect the breach because they largely have “no visibility into private-sector networks,”, Neuberger said, adding that the breach was launched within the US. The Biden administration supports changes to “culture and authorities” that prevented the hack from being detected on the federal civilian systems, she added.
The hack, Neuberger said, highlights the need to modernize the nation’s IT infrastructure and its cyber defenses, issues that will be addressed in an upcoming executive order from Biden aimed at addressing security and technology gaps highlighted by the breach.
Before taking up her latest post, Neuberger worked at the National Security Agency for over a decade and was tapped to lead its cybersecurity efforts last year. She helped establish the US Cyber Command and worked as chief risk officer, leading the agency’s election security efforts for the 2018 midterms.
Neuberger has said her family’s harrowing escapes — first from the Holocaust and then from the Entebbe hostage crisis in Uganda, after the Air France flight her parents were on was hijacked by Palestinian terrorists in 1976 — helped shape her worldview.
Though her parents are not Israeli, they were held by the hijackers for a week along with Israeli passengers because they were Jewish.
Neuberger, 45, also known as Chani, is from the heavily Jewish Brooklyn, New York, neighborhood of Borough Park, where she attended the Bais Yaakov Jewish day school for girls, according to the Yeshiva World News.
She is a graduate of Touro College in New York and Columbia Business School, and has worked in the White House Fellows program. On the side, she runs a charitable organization helping divorced single mothers in Orthodox communities.
A member of one of the 100 wealthiest families in the United States, Neuberger transitioned from the private sector into government service following the September 11 attacks.