aljazeera.com
‘They may be in the system’: Questions remain on SolarWinds hack
Microsoft president tells Congressional hearing best practices, more personnel needed to secure US systems.
The SolarWinds logo is seen outside its headquarters in Austin, Texas, on December 18, 2020 [File: Sergio Flores/Reuters]
26 Feb 2021
The US House of Representatives Oversight and Homeland Security Committees held a joint hearing on Friday on the implications of the ongoing SolarWinds hack for the government and private industry.
The hack, which was discovered by private security company FireEye in December, has ravaged roughly 18,000 customers and at least nine government agencies.
SolarWinds is a US-based company that develops system management software for use in businesses and organisations. Authorities have said the attack gathered intelligence, but they have yet to give specifics.
Representative Carolyn B Maloney, chairwoman of the Oversight Committee, said “a sophisticated attacker reported to be the Russian government broke into the SolarWinds system and inserted malicious code into its software … nearly 18,000 customers downloaded updates containing the malicious code”.
Maloney said the hack, which was spread through a vulnerability in widely used Microsoft cloud software, affected law enforcement agencies, and more than 100 private companies involved “in foreign affairs and national security … And that’s just what we know. There’s much more that we still don’t know. We still don’t know if they’re still in the system.”
Eleanor Norton, the District of Columbia’s delegate to the House who is a member of the Oversight Committee, said “the information I’ve been given, is that the breaches included the Department of Energy, including a component responsible for managing the nation’s nuclear weapons” and “roughly 3,500 accounts” from the Justice Department.
Lawmakers on both committees pressed representatives of SolarWinds, Microsoft and FireEye on how to prevent these attacks from happening in the future.
Microsoft President Brad Smith told the joint hearing his company needs to focus on securing the software supply chain, but what “we need to do is think much more broadly, we need to focus on the modernisation of the information technology infrastructure. And we need to apply more broadly cybersecurity best practices.”
Microsoft President Brad Smith listens during the Senate Intelligence Committee hearing on Capitol Hill in Washington, DC [Demetrius Freeman/Pool via Reuters]
For example, most cybersecurity experts recommend two-factor authentication and complex passwords. Reuters reported SolarWinds was informed in 2019 that its updates server password, “solarwinds123”, was highly vulnerable.
Reuters further reported hackers have claimed they could sell access to SolarWinds’ computers since 2017 by faking the identity of authorised employees to gain access to cloud services.
Smith said in the US “today there’s a shortage of more than 300,000 trained cybersecurity personnel. And this is something that we as a tech company like Microsoft can focus on addressing by helping colleges and universities, high schools, and others, develop the people we will need in the future.”
Smith previously said investigators estimate at least 1,000 highly skilled engineers would have been required to develop the code used to hack SolarWinds.
US national security officials have also said Russia was likely responsible for the breach, and President Joe Biden’s administration is weighing punitive measures against Russia for the hack as well as other activities.
Russia has denied responsibility for the breach.
China, too, has reportedly gained access to US government files through the vulnerability. Beijing has denied this.
President Joe Biden speaks to Department of Defense personnel alongside Vice President Kamala Harris and Defense Secretary Lloyd Austin at the Pentagon on February 10, 2021 [File: Patrick Semansky/AP Photo]
The hack was downplayed by former President Donald Trump, whose administration demoted cybersecurity as a policy field.
Biden has announced cybersecurity will be a priority in his administration. Under a recent law, Biden must open a cyber-focused office reporting to a new National Cyber Director, who will coordinate the federal government’s vast cyber capabilities.
SOURCE: AL JAZEERA AND NEWS AGENCIES