10 Boldest Statements From The SolarWinds Senate Hearing
Senators and tech executives discussed how the SolarWinds hackers used AWS’ infrastructure, took advantage of Microsoft’s authentication process, dwelled in FireEye’s systems and remained undetected for months.
Security Takes Center Stage On Capitol Hill
Four executives leading the private sector response to the colossal SolarWinds hack testified Tuesday before the Senate Intelligence Committee and discussed who they thought was responsible for the attacks, what made this campaign different from previous nation-state incursions, and how the U.S. government and private industries can prevent something like this from happening again.
Taking the stand were FireEye CEO Kevin Mandia (pictured far left); SolarWinds CEO Sudhakar Ramakrishna (pictured center); Microsoft President Brad Smith (pictured right); and CrowdStrike CEO George Kurtz. They appeared in front of Intelligence Committee Chairman Sen. Mark Warner, D-Va.; Vice Chairman Sen. Marco Rubio, R-Fla.; as well as committee members including Sen. John Cornyn, R-Texas; and Sen. Richard Burr, R-N.C.
Mandia discussed how long the hackers were in FireEye’s systems, Ramakrishna addressed SolarWinds’ investigation into potential entry vectors, Kurtz described how hackers took advantage of architectural limitations in Microsoft’s authentication process, and Smith defended Microsoft’s use of the SAML authentication standard.
Several senators also slammed Amazon Web Services for refusing to testify at the hearing about the SolarWinds intrusion even though the public cloud giant’s infrastructure was used in the attack. Here’s a look at 10 of the boldest statements from elected officials and tech executives at the SolarWinds senate hearing.