- U.S. senators question the tech companies involved in the comprehensive cyber attack last year.
- SolarWinds, Microsoft, FireEye and CrowdStrike all testified, while Amazon declined to attend.
- Microsoft’s president has said evidence points to Russia, where officials suspect the attack originated.
- Visit the Insider Business Department for more stories.
The U.S. Senate questioned the chief executives of SolarWinds and other tech companies in a hearing on Tuesday after unknown assailants, who allegedly had ties to Russia, hacked into the company’s software last year, infecting thousands of organizations, including major federal agencies. endanger.
SolarWinds was joined at the trial by FireEye, the cyber security firm that discovered the malware in December, as well as Microsoft, whose president, Brad Smith, was present during the proceedings. CrowdStrike CEO George Kurtz also testified. His cyber security firm was apparently able to ward off the hackers.
During the trial, Smith gave the strongest indication that the cyber attack originated in Russia, while Kurtz and Kevin Mandia, CEO of FireEye, did not confirm or deny the origin of the attackers. But Mandia said the attack was in line with Russian behavior.
Several senators noted that Amazon – specifically its leading arm of the Amazon Web Services cloud computer – was asked to attend the trial as well, but declined the Senate invitation. Republican Sen. Susan Collins of Maine said the company has an “obligation” to participate and that the committee “should look at the next steps if it does not move forward.”
The cyber attack began in March and went unnoticed for months. SolarWinds told the Securities and Exchange Commission that about 18,000 of its 300,000 customers were targeted in the attack. High-level government data has been exposed – the Trump administration confirmed in December that hackers had indeed infiltrated key networks, including the US Treasury and the Department of Commerce.
Read more: Why the impact of the unprecedented SolarWinds cap hitting federal agencies is huge and could hurt thousands of companies, according to cybersecurity experts
Fortune 500 companies – including Microsoft, AT&T and McDonald’s – were among SolarWinds’ vulnerable customer base. Microsoft said its products, including the Office 365 package and the Azure cloud, were not used in the hack, but were targeted while the attackers succeeded with some of the source code. And FireEye researchers say the hackers appear to be able to send emails and access calendars on Microsoft’s 365 suite.
Read more: Microsoft said the software and tools were not used in any way in the SolarWinds attacks. New findings suggest a more complicated role
The White House said it could respond to the SolarWinds hacks within weeks, which could include sanctions against the Russian government.
Insider reported that the trial Tuesday was a turning point in the relationship between the U.S. government and the cyber security world, namely how industry industry can help federal officials deter future nation-state attacks.
The live blog is now over. Below are some highlights from the three-hour trial.
Sen. Mark Warner said the committee invited Amazon to attend the trial, but the company refused
Democratic Sen. Mark Warner of Virginia kicked off the trial, noting that Amazon rejected the Senate’s invitation to testify in Tuesday’s hearing. Florida Republican Senator Marco Rubio also touched on the company’s lack of participation, saying, “It will be very helpful in the future if they attend these hearings.” Amazon did not immediately respond to a request for comment from Insider.
Collins said if the tech giant does not decide to testify, the committee should look at the next steps. Republican Senator Ben Sasse of Nebraska and Warner also expressed concern about the company’s absence. The Senate committee is expected to upload additional documents within a few weeks.
Microsoft President Brad Smith said the full scope of the attack was still unfolding
In his opening statement, Smith said there is still much we do not know about the extent of the cyber attack, and that there needs to be a reform in the relationship between Silicon Valley’s cyber security arm and the federal government. He also said he believed Russia was behind the attack.
Mandia, the CEO of FireEye, used his opening statement to declare the attack ‘extremely difficult to detect’ and later said it was a planned crackdown. “The question is where is the next one? And where are we going to get it?” Mandia said.
Smith says all the evidence points to Russia
Smith said earlier that “at this stage we have seen considerable evidence pointing to the Russian Foreign Embassy, and we have also not seen any evidence pointing to anyone else.” He said during the trial that more than 80% of the entities targeted by the attack were non-governmental organizations.
CrowdStrike CEO Mandia and Kurtz agreed that the attacker was a national state actor. But no board member said who they thought was behind it. Mandia did say that his company analyzed forensic analyzes and found that it “most closely resembles espionage and behavior we have seen in Russia.”