Law360: SolarWinds Sanctions Far From Last Word On Russian Hacks

O’Melveny data security and privacy counsel John Dermody spoke with Law360 following the Biden administration’s announcement of sweeping economic sanctions against Russian entities for their involvement in the SolarWinds cyber espionage campaign, misinformation efforts surrounding the 2020 US presidential election, and ongoing human rights issues in Ukraine.  

The comprehensive sanctions package is not just focused on SolarWinds, which the US government has now formally attributed to Russia’s premier intelligence agency. The move is thus “less about deterring a specific behavior and more about resetting and redefining the Biden administration's relationship with Russia,” said Dermody, a former attorney with the National Security Council, Department of Homeland Security, and Department of Defense. 

“This is likely a starting point for continued engagement with Russia on all sorts of issues, but particularly in the area of cybersecurity,” he added. “However, it’s going to be an ongoing engagement, and I don’t think there’s an expectation that firing off a package of sanctions, however calibrated they may be, is going to be the end of the story.”

While it remains unclear just what cyber activity will spur US retaliation, other adversaries “should expect a similar type of response if they're going to engage in broad scale supply chain intrusions like SolarWinds,” Dermody commented. 

Law360 subscribers can read the full article here.