Amazon said it skipped a Congressional hearing about the SolarWinds hack because the e-commerce giant doesn't use the company's software

Advertisement
Amazon said it skipped a Congressional hearing about the SolarWinds hack because the e-commerce giant doesn't use the company's software
Amazon CEO Jeff Bezos.Alex Wong/Getty Images
  • Amazon said it declined to attend a SolarWinds hearing since it wasn't impacted by the hack.
  • SolarWinds, Microsoft, and others appeared before the Senate in a Tuesday hearing.
  • Senators voiced concern over Amazon's absence, and one said the firm has an "obligation" to be there.

Amazon has confirmed that it was not affected by the sweeping SolarWinds hack because it does not use the IT company's software.

In a letter to Sens. Mark Warner (D-VA) and Marco Rubio (R-FL) that was viewed by Insider, Amazon Web Services' vice president of public policy Shannon Kellogg said the company's cloud arm doesn't use SolarWinds' Orion software, so its services "were not compromised in any way, which is why we did not provide formal testimony on the panel yesterday."

Top executives at SolarWinds, Microsoft, and the cybersecurity firms FireEye and CrowdStrike all testified in front of the Senate on Tuesday over the massive cyberattack of last year. Multiple senators, including Sens. Warner and Rubio, said during the hearing that the committee invited Amazon to attend, but the company had declined. Lawmakers speculated that attackers used Amazon's cloud service in its security breach and wanted to investigate the role that its platform played in the hack.

Advertisement

Read more: 5 takeaways from the Tuesday Senate hearing over the SolarWinds cyberattack

Many voiced concern over the company's absence, including Republican Sen. Susan Collins, who said Amazon had an "obligation" to participate. The senator said if it doesn't moving forward, the committee "should look at next steps."

Amazon stated in its letter that it looks "forward to continuing our ongoing engagement" with the Senate committee on cybersecurity issues but did not specify if it would agree to testify.

Advertisement

The company also said it immediately investigated and found that Amazon was not affected when it learned of the SolarWinds security breach. It then shared its findings with the FBI as well as "provided detailed briefings to government officials, including Members of Congress and, specifically, to your committee," according to the letter.

The Wall Street Journal first reported the letter. Amazon did not immediately respond to Insider's request for comment.

The SolarWinds hack has been called the country's most sweeping and sophisticated cyberattack in recent memory. Hackers discreetly broke into the IT company's systems and installed malware last year before the software was distributed to clients, many of which are Fortune 500 companies and top government agencies. The breach left sensitive data, including top-level government information, vulnerable.

Advertisement

Read more: How hackers breached IT company SolarWinds and staged an unprecedented attack that left US government agencies vulnerable for 9 months

Federal officials and cybersecurity experts, as well as Microsoft president Brad Smith, believe that Russia is behind the attack. FireEye CEO Kevin Mandia said based on his company's forensic analysis, the evidence is "most consistent with espionage and behaviors we've seen out of Russia." However, the executives noted that the attack is still under investigation.

You can read Amazon's letter to lawmakers in full below:

Advertisement
{{}}