Senate grills tech executives on SolarWinds hack


FireEye CEO Kevin Mandia, SolarWinds CEO Sudhakar Ramakrishna and Microsoft President Brad Smith testify during a Senate Intelligence Committee hearing on Capitol Hill on Tuesday, Feb. 23, 2021 in Washington. (Drew Angerer/Photo via AP)

FireEye CEO Kevin Mandia, SolarWinds CEO Sudhakar Ramakrishna and Microsoft President Brad Smith testify during a Senate Intelligence Committee hearing on Capitol Hill on Tuesday, Feb. 23, 2021 in Washington. (Drew Angerer/Photo via AP)

OAN Newsroom
UPDATED 10:27 AM PT – Wednesday, February 24, 2021

The Senate recently pressed high-level tech officials on last year’s SolarWinds cyber attack. On Tuesday, executives for SolarWinds, Microsoft, FyreEye and CrowdStrike spoke with the Senate Select Committee on Intelligence.

The SolarWinds hack, which was discovered last year, has been found to have compromised thousands of federal and private organizations. Although it’s still unknown exactly who was behind the attack, it’s largely suspected the hackers were affiliated with the Russian government.

According to experts, the hackers were able to open a back-door into organization’s systems. This allowed them to steal important credentials in order to gain access to everything in their networks.

“Notably, the threat actor took advantage of systemic weaknesses in the (Microsoft) Windows authentication architecture, allowing it to move laterally within the network as well as between the network,” explained CrowdStrike Chief Executive George Kurtz. “And the cloud by creating false credentials, impersonating legitimate users and bypassing multi-factor authentication.”

“Imagine almost a secret door in your house and the first thing that happens when they come to that secret door is all your keys are right there,” described FireEye CEO Kevin Mandia. “They just grab them and now they can get into any locks you have in your house, the same way your people do.”

Microsoft President Brad Smith made it the most apparent of those who testified that he fully believes the attack was of Russian origin. The attack started in March of last year and reportedly continued for months before being detected.

During his testimony, Smith said he believes one of the biggest challenges in identifying the hack was that the compromised information was stored in multiple places across several companies and agencies.

“We need to enhance the sharing of threat intelligence. Now, that’s the term in the cybersecurity community for information about attacks that people are seeing,” he stated. “And our basic challenge today is that that information too often exists in silos; it exists in silos in the government, it exists in different companies, it doesn’t come together.”

Smith added, the full scale of the attack hasn’t even been uncovered yet as more information comes to light.

MORE NEWS: China seeking to redefine human rights in pursuit of socialist goals





Source link

Amber28
Author: Amber28

Be the first to comment

Leave a Reply

Your email address will not be published.


*