National security officials brief Biden team on SolarWinds hacking campaign

U.S. national security officials have briefed the transition team for President-elect Joe Biden and Capitol Hill aides on the consequences of a suspected government-backed hacking campaign affecting multiple federal agencies, according to multiple people familiar with the matter.

Trump administration officials held multiple briefings on the topic for Biden aides on Monday, and there is a classified briefing slated for Tuesday, according to a person familiar with the briefings. Among the agencies briefing Biden staff on Monday was the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, a CISA official said.

The hacking campaign, which the Washington Post reported as being tied to Russia, forced an emergency meeting of the White House National Security Council and prompted some lawmakers to call for new approaches to defending U.S. companies from malicious cyber activity. Responding to the apparent cyber-espionage effort could be one of the first big tests of Biden’s cybersecurity policy.

“We are in daily communication with federal agencies on a wide range of topics, but cannot confirm the details of any specific briefings,” said a spokesman for the Biden transition team.

The departments of Treasury, Commerce, Homeland Security and State have all been reportedly affected by the hacking campaign, which has exploited a flaw in software made by federal contractor SolarWinds. The victim list is expected to grow as federal and private-sector investigators sort through digital clues.

CISA also briefed Capitol Hill aides on Monday on an emergency directive the agency issued requiring all federal civilian agencies to check for signs of the malicious activity on their networks. During that briefing, CISA officials said at least one federal agency had discovered it was affected by the campaign in the day since the directive was issued, according to a congressional aide who participated in the briefing.