These arise from the SolarWinds hack attack that some experts claim doesn’t rise to an act of war (but that I think might do so*).
Why wasn’t it spotted sooner? This applies to SolarWind as much as it does the IT MFWICs and their staffs at the various government agency and private business recipients. Who inspected SolarWind’s “updates,” how were they tested both before SolarWind disseminated them, and how were they tested before the receiving entities implemented them? Were the recipients actually, with straight faces, allowing a remote entity to enter their systems and install software that was uninspected/untested by those recipients?
What’s being done about the hack now—both defensively and offensively?
On what basis would we be able to believe all of the proximately done SolarWind hackware has been rooted out?
What other software is broadly used in government and automatically updated from outside? What inspecting and testing is being done on that software?
What inspection/testing is being conducted on all the private economy cloud software extant?
More serious, though, are these questions:
Was this hack, which embedded spyware, among other things, all of it? Or was this hack intended to be found as a distraction from detecting other, more hidden, more nefarious software—software that could be triggered later to conduct sabotage of critical systems, insert misleading or outright false data into critical databases and imaging systems, cut off communications between critical government and military leadership entities and between those and their field-operational systems at critical moments of a more overt attack?
Was this hack conducted by Russia? Or perhaps by Iran, while framing Russia, the butcher of Chechnya? Or perhaps by northern Korea, while disguising its own culpability by framing Russia? Or by the People’s Republic of China, which still regards Russia as a foe and now recognizes Russia’s political and military impotence vis-à-vis the CCP and the PLA, and so harming two enemies with one exploit?