The US Senate just grilled Microsoft and SolarWinds over last year's historic cyberattack. Here's what happened.
- US senators questioned the tech firms involved in last year's sweeping cyberattack.
- SolarWinds, Microsoft, FireEye, and CrowdStrike all testified, while Amazon declined to attend.
- Microsoft's president said evidence points to Russia, where officials suspect the attack originated.
SolarWinds was joined in the hearing by FireEye, the
The cyberattack began in March and went undetected for months. SolarWinds told the Securities and Exchange Commission that about 18,000 of its 300,000 clients were targeted in the attack. High-level government data was left exposed - the Trump administration confirmed in December that hackers had indeed infiltrated key networks, including the US Treasury and the Commerce Department.Read more: Why the impact of the unprecedented SolarWinds hack that hit federal agencies is 'gargantuan' and could hurt thousands of companies, according to cybersecurity experts
Fortune 500 companies - including Microsoft, AT&T, and McDonald's - were among SolarWinds' vulnerable customer base. Microsoft has said its products, including its Office 365 suite and Azure cloud, were not used in the
Insider reported Tuesday's hearing was a pivotal moment in the relationship between the US government and the cybersecurity world, namely in how the industry could help federal officials stave off nation-state attacks in the future.
The live blog is now over. Below are some highlights from the three-hour hearing.
Sen. Mark Warner said the committee invited Amazon to attend the hearing but the company declinedDemocratic Sen. Mark Warner of Virginia kicked off the hearing and noted that Amazon declined the Senate's invitation to testify in Tuesday's hearing. Republican Sen. Marco Rubio of Florida also touched on the company's lack of participation and said: "It would be most helpful in the future if they actually attended these hearings." Amazon did not immediately respond to Insider's request for comment.
Collins said if the tech giant didn't decide to testify, the committee "should look at next steps." Republican Sen. Ben Sasse of Nebraska and Warner also expressed concern surrounding the company's absence. The Senate committee is expected to upload additional documents in a few weeks.
Microsoft President Brad Smith said the attack's full scope was still unfolding
In his opening statement, Smith said there was much we still didn't know regarding the extent of the cyberattack and that there must be reform to the relationship between Silicon Valley's cybersecurity arm and the federal government. He also said he believed Russia was behind the attack.Mandia, FireEye's CEO, used his opening statement to declare the attack "exceptionally hard to detect" and later said that it was a planned hack. "The question is where's the next one? And where are we going to find it?" Mandia said.
Smith says all the evidence points to RussiaSmith said earlier that "at this stage we've seen substantial evidence that points to the Russian foreign embassy, and we've seen no evidence that points to anyone else." He said in the hearing that more than 80% of the entities targeted in the attack were nongovernment organizations.
Mandia and Kurtz, CrowdStrike's CEO, agreed that the attacker was a nation-state actor. But neither exec said who they thought was behind it. Mandia did say that his company analyzed forensics and found that it was "most consistent with espionage and behaviors we've seen out of Russia."
- Airtel's India business is back in the black after a very long time
- Sequoia and PayPal-backed Pine Labs completes a first close of $285 million funding round from new investors
- BJP spent significantly less on advertising during Kerala elections this year, its ad insertions on TV, Radio and Print decreased from 21% in 2016 to 1% in 2021
- Google I/O 2021: Here's what to expect from Google's biggest annual conference
- ISRO announces its decision to share technology to make portable medical oxygen concentrators developed by VSSC