A Microsoft office in New York, Nov. 10, 2016 (AP photo by Swayne B. Hall).

The U.S. had barely begun its recovery from the SolarWinds compromise when another large-scale, state-sponsored cyberattack came to light in January. Like the SolarWinds hack, the Microsoft Exchange Server data breach exploited several zero-day vulnerabilities and has been attributed to a nation-state. But unlike SolarWinds, the Microsoft attack, while initially targeted, went on to create widespread collateral damage, leading some commentators to characterize it as “reckless.” Microsoft has attributed the compromise to a Chinese state-sponsored espionage group called “Hafnium.” Recent U.S. sanctions against Russia, in part motivated by the SolarWinds attack, have given rise to an […]

Russian President Vladimir Putin speaks during his annual news conference in Moscow, Russia, Dec. 20, 2018 (AP photo by Alexander Zemlianichenko).

Last week, the Biden administration took the bold step of imposing economic sanctions in response to an act of cyber espionage, namely the SolarWinds attack. It seems that the new U.S. administration is finally getting serious about standing up to Russian aggression in cyberspace. But from the perspective of international law, the move is controversial and could potentially come back to bite the U.S. in the future, given its own cyber capabilities. The release of the Executive Order announcing the sanctions, which also respond to Russian meddling in the 2020 U.S. presidential elections and other actions, coincided with a call […]