Connect with us

Cybersecurity

Senate Looks for Answers During First Public Hearing on SolarWinds Cyber Attack

Published

on

Screenshot of FireEye CEO Kevin Mandia from the hearing

WASHINGTON, February 24, 2021 – In the first public hearing on the topic since the SolarWinds cyberattack in December, industry leaders testified Tuesday before the Senate Intelligence Select Committee that there are still unanswered questions about the attack.

Those questions include who did it, how they did it, and what they wanted.

Although the attack colloquially assigns SolarWinds as the victim, many companies were affected, and it was the cybersecurity firm FireEye that first announced they had been infiltrated.

The hack, which occurred between March and June 2020 and targeted several companies and federal agencies, has been widely attributed to Russian intelligence. FireEye’s CEO Kevin Mandia and Microsoft President Brad Smith, both whom testified at the hearing, said the adversary was likely the Russians, but did not want to give an irrefutable affirmation.

“We all pretty much know who it is,” said Mandia.

Although there is not yet definitive proof, we are confident from the evidence that this was the Russian intelligence agency, said Smith.

As Broadband Breakfast reported Tuesday, SolarWinds’ CEO Sudhakar Ramakrishna said that the attack was very sophisticated and required extensive expertise, as it occurred in the software update supply chain environment.

The other witnesses agreed. Mandia explained that FireEye found the implanted code from thousands of hours of examining detailed assembly code that requires specialized knowledge to understand.

Although we’ve seen many cyberattacks in the past, the scale of this attack was new, said Smith. The level of expertise we saw here required at least a thousand very skilled, capable engineers, he said.

Mandia said that this attack has been in the works for a long time. “This has been a multi-decade campaign for them. They just so happen to—in 2020—create a backdoor SolarWinds implant,” he said.

“They did a dry run in October of 2019, where they put innocuous code into the SolarWinds build just to make sure the results of their intrusion made it into the SolarWinds production platform environment,” he said.

SolarWinds still does not yet know how the attacker penetrated the company’s supply chain environment, but has narrowed it down to a few possibilities, said Ramakrishna. He did not elaborate on details, emphasizing that the investigation was still under way.

The witnesses said that what the hackers wanted and everything they took is still a mystery. At this point, we still don’t know everything the attacker did—only the attacker does, said Smith.

Various senators asked what needs to be done now that the world knows about the attack. The witnesses said they need better partnerships between the public and private sectors, especially a confidential way to report cyberattacks to the government.

They also said that nations need to agree on “ground rules” for engaging in cyberwarfare. During war, we agree not to bomb ambulances or hospitals, and in the digital space there needs to be equivalent off-limit targets, said Smith. These should include software updates, because the entire world and every type of infrastructure, both digital and physical, relies on them, he said.

The House Oversight and Homeland Security Committees are scheduled to hold a similar hearing Friday.

Reporter Tim White studied communication and political science at the University of Utah, and previously worked on Capitol Hill for a member of Congress. A native of Salt Lake City, he escapes to the Pacific Northwest as often as he can. He is passionate about politics, Star Wars, and breakfast cereal.

Cybersecurity

House Energy Committee Approves Series of Cyber Bills to Improve Telecom Security

The committee approved five bills dealing with protecting networks and educating the public on cyberattacks.

Published

on

Frank Pallone Jr., D-New Jersey

WASHINGTON, February 24, 2021 – In the first public hearing on the topic since the SolarWinds cyberattack in December, industry leaders testified Tuesday before the Senate Intelligence Select Committee that there are still unanswered questions about the attack.

Those questions include who did it, how they did it, and what they wanted.

Although the attack colloquially assigns SolarWinds as the victim, many companies were affected, and it was the cybersecurity firm FireEye that first announced they had been infiltrated.

The hack, which occurred between March and June 2020 and targeted several companies and federal agencies, has been widely attributed to Russian intelligence. FireEye’s CEO Kevin Mandia and Microsoft President Brad Smith, both whom testified at the hearing, said the adversary was likely the Russians, but did not want to give an irrefutable affirmation.

“We all pretty much know who it is,” said Mandia.

Although there is not yet definitive proof, we are confident from the evidence that this was the Russian intelligence agency, said Smith.

As Broadband Breakfast reported Tuesday, SolarWinds’ CEO Sudhakar Ramakrishna said that the attack was very sophisticated and required extensive expertise, as it occurred in the software update supply chain environment.

The other witnesses agreed. Mandia explained that FireEye found the implanted code from thousands of hours of examining detailed assembly code that requires specialized knowledge to understand.

Although we’ve seen many cyberattacks in the past, the scale of this attack was new, said Smith. The level of expertise we saw here required at least a thousand very skilled, capable engineers, he said.

Mandia said that this attack has been in the works for a long time. “This has been a multi-decade campaign for them. They just so happen to—in 2020—create a backdoor SolarWinds implant,” he said.

“They did a dry run in October of 2019, where they put innocuous code into the SolarWinds build just to make sure the results of their intrusion made it into the SolarWinds production platform environment,” he said.

SolarWinds still does not yet know how the attacker penetrated the company’s supply chain environment, but has narrowed it down to a few possibilities, said Ramakrishna. He did not elaborate on details, emphasizing that the investigation was still under way.

The witnesses said that what the hackers wanted and everything they took is still a mystery. At this point, we still don’t know everything the attacker did—only the attacker does, said Smith.

Various senators asked what needs to be done now that the world knows about the attack. The witnesses said they need better partnerships between the public and private sectors, especially a confidential way to report cyberattacks to the government.

They also said that nations need to agree on “ground rules” for engaging in cyberwarfare. During war, we agree not to bomb ambulances or hospitals, and in the digital space there needs to be equivalent off-limit targets, said Smith. These should include software updates, because the entire world and every type of infrastructure, both digital and physical, relies on them, he said.

The House Oversight and Homeland Security Committees are scheduled to hold a similar hearing Friday.

Continue Reading

Cybersecurity

Senator Recommends Mandatory Breach Reporting for Companies

Angus King, I-Maine, also said companies should go through hack testing to beef up security.

Published

on

U.S. Senator Angus King, I-Maine

WASHINGTON, February 24, 2021 – In the first public hearing on the topic since the SolarWinds cyberattack in December, industry leaders testified Tuesday before the Senate Intelligence Select Committee that there are still unanswered questions about the attack.

Those questions include who did it, how they did it, and what they wanted.

Although the attack colloquially assigns SolarWinds as the victim, many companies were affected, and it was the cybersecurity firm FireEye that first announced they had been infiltrated.

The hack, which occurred between March and June 2020 and targeted several companies and federal agencies, has been widely attributed to Russian intelligence. FireEye’s CEO Kevin Mandia and Microsoft President Brad Smith, both whom testified at the hearing, said the adversary was likely the Russians, but did not want to give an irrefutable affirmation.

“We all pretty much know who it is,” said Mandia.

Although there is not yet definitive proof, we are confident from the evidence that this was the Russian intelligence agency, said Smith.

As Broadband Breakfast reported Tuesday, SolarWinds’ CEO Sudhakar Ramakrishna said that the attack was very sophisticated and required extensive expertise, as it occurred in the software update supply chain environment.

The other witnesses agreed. Mandia explained that FireEye found the implanted code from thousands of hours of examining detailed assembly code that requires specialized knowledge to understand.

Although we’ve seen many cyberattacks in the past, the scale of this attack was new, said Smith. The level of expertise we saw here required at least a thousand very skilled, capable engineers, he said.

Mandia said that this attack has been in the works for a long time. “This has been a multi-decade campaign for them. They just so happen to—in 2020—create a backdoor SolarWinds implant,” he said.

“They did a dry run in October of 2019, where they put innocuous code into the SolarWinds build just to make sure the results of their intrusion made it into the SolarWinds production platform environment,” he said.

SolarWinds still does not yet know how the attacker penetrated the company’s supply chain environment, but has narrowed it down to a few possibilities, said Ramakrishna. He did not elaborate on details, emphasizing that the investigation was still under way.

The witnesses said that what the hackers wanted and everything they took is still a mystery. At this point, we still don’t know everything the attacker did—only the attacker does, said Smith.

Various senators asked what needs to be done now that the world knows about the attack. The witnesses said they need better partnerships between the public and private sectors, especially a confidential way to report cyberattacks to the government.

They also said that nations need to agree on “ground rules” for engaging in cyberwarfare. During war, we agree not to bomb ambulances or hospitals, and in the digital space there needs to be equivalent off-limit targets, said Smith. These should include software updates, because the entire world and every type of infrastructure, both digital and physical, relies on them, he said.

The House Oversight and Homeland Security Committees are scheduled to hold a similar hearing Friday.

Continue Reading

Cybersecurity

Companies Give Kudos to Amazon Web Services, As Competition in Cloud Security Heats Up

Experts praise Amazon’s cloud services, as competition in the space accelerates and as the feds tackle cybersecurity concerns.

Published

on

Bill Vass, Vice President of engineering with AWS

WASHINGTON, February 24, 2021 – In the first public hearing on the topic since the SolarWinds cyberattack in December, industry leaders testified Tuesday before the Senate Intelligence Select Committee that there are still unanswered questions about the attack.

Those questions include who did it, how they did it, and what they wanted.

Although the attack colloquially assigns SolarWinds as the victim, many companies were affected, and it was the cybersecurity firm FireEye that first announced they had been infiltrated.

The hack, which occurred between March and June 2020 and targeted several companies and federal agencies, has been widely attributed to Russian intelligence. FireEye’s CEO Kevin Mandia and Microsoft President Brad Smith, both whom testified at the hearing, said the adversary was likely the Russians, but did not want to give an irrefutable affirmation.

“We all pretty much know who it is,” said Mandia.

Although there is not yet definitive proof, we are confident from the evidence that this was the Russian intelligence agency, said Smith.

As Broadband Breakfast reported Tuesday, SolarWinds’ CEO Sudhakar Ramakrishna said that the attack was very sophisticated and required extensive expertise, as it occurred in the software update supply chain environment.

The other witnesses agreed. Mandia explained that FireEye found the implanted code from thousands of hours of examining detailed assembly code that requires specialized knowledge to understand.

Although we’ve seen many cyberattacks in the past, the scale of this attack was new, said Smith. The level of expertise we saw here required at least a thousand very skilled, capable engineers, he said.

Mandia said that this attack has been in the works for a long time. “This has been a multi-decade campaign for them. They just so happen to—in 2020—create a backdoor SolarWinds implant,” he said.

“They did a dry run in October of 2019, where they put innocuous code into the SolarWinds build just to make sure the results of their intrusion made it into the SolarWinds production platform environment,” he said.

SolarWinds still does not yet know how the attacker penetrated the company’s supply chain environment, but has narrowed it down to a few possibilities, said Ramakrishna. He did not elaborate on details, emphasizing that the investigation was still under way.

The witnesses said that what the hackers wanted and everything they took is still a mystery. At this point, we still don’t know everything the attacker did—only the attacker does, said Smith.

Various senators asked what needs to be done now that the world knows about the attack. The witnesses said they need better partnerships between the public and private sectors, especially a confidential way to report cyberattacks to the government.

They also said that nations need to agree on “ground rules” for engaging in cyberwarfare. During war, we agree not to bomb ambulances or hospitals, and in the digital space there needs to be equivalent off-limit targets, said Smith. These should include software updates, because the entire world and every type of infrastructure, both digital and physical, relies on them, he said.

The House Oversight and Homeland Security Committees are scheduled to hold a similar hearing Friday.

Continue Reading

Recent

Signup for Broadband Breakfast

Get twice-weekly Breakfast Media news alerts.
* = required field

 

Trending