The trial: The hearing on Tuesday afternoon – the first public congressional inquiry into SolarWinds’ infringement – will focus on the role private companies have played in discovering, analyzing and sharing information about the infringement, as well as solving the underlying problems in their own products. .
The list: Google on Monday presented to lawmakers more than a dozen questions, according to a Senate associate, aimed at examining the security of Microsoft products such as Windows 10, Azure and Office 365. The assistant spoke on the condition of anonymity in to discuss the matter freely.
It is unclear whether each legislator in the 16-member panel received the list of questions from Google.
According to the assistant, some, but not all, of the questions are intended for Smith, who will appear before the committee on Tuesday afternoon with SolarWinds executives and cybersecurity firms FireEye and CrowdStrike. The latter two companies were at the forefront of discovering the breadth and scope of the possible Russian espionage operation, which officials say targeted specifically at nine federal agencies and about 100 companies.
A second Senate assistant, who also spoke on the condition of anonymity, described Google’s questions as ‘bad’ and that members of the committee were told to be on their guard.
Neither Google nor Microsoft responded to requests for comment.
Discover the role of Microsoft: In a December 14 Submission of Securities and Exchange Commission, It appears that SolarWinds claims that the hackers first accessed its systems through bugs in Microsoft’s Office 365 service. Microsoft strongly deny that. In the same FAQ, Microsoft denied a December 17 Reuters reported that the hackers broke his network and used his products “to promote the attacks on others.”
But Microsoft has acknowledged that the hackers had access to some of the products’ source code and checked the code associated with the products they later used to maintain their access to broken networks.