Monday, April 12, 2021
Tech

Tech execs face round two of Congressional grilling over SolarWinds breach

Tech execs face round two of Congressional grilling over SolarWinds breach
0views


Hackers allegedly working for Moscow surreptitiously subverted SolarWinds’ software to infiltrate their targets, spending months inside government networks before they were identified

(Subscribe to our Today’s Cache newsletter for a quick snapshot of top 5 tech stories. Click here to subscribe for free.)

Cybersecurity executives are due to face their second round of Congressional questions on Friday over their companies’ roles in the sprawling series of digital intrusions blamed on the Russian government.

Texas software company SolarWinds Corp’s Chief Executive Sudhakar Ramakrishna, Microsoft Corp President Brad Smith, and FireEye Inc Chief Executive Kevin Mandia were due to address a joint hearing of the House Committees on Oversight and Reform and Homeland Security.

Their appearance comes three days after the trio testified before U.S. senators over the massive breach, which has ensnared nine American government agencies and more than 100 other organizations. SolarWinds’ former chief executive – Kevin Thompson, who stepped down shortly before the breach was announced – was also due to testify.

Also Read | U.S. government hack: espionage or act of war?

Hackers allegedly working for Moscow surreptitiously subverted SolarWinds’ software to infiltrate their targets, spending months inside government networks before they were identified.

Other techniques – including some still unknown – are believed to have been used as well. Lawmakers and executive branch experts alike are puzzling out how far the hackers got and who might be to blame.

Some have alleged that lax security practices at SolarWinds led to the breach. Others have laid blame at Microsoft’s door, saying that a failure to fix known problems with its cloud software authentication infrastructure helped speed the hackers’ progress across networks.

Speaking to senators on Tuesday, Microsoft’s Smith blamed poor configurations and other controls on the customer’s part, including cases “where the keys to the safe and the car were left out in the open.”

CrowdStrike Holdings Inc Chief Executive George Kurtz – who addressed senators Tuesday but will not be returning Friday – said Microsoft’s “antiquated” architecture was partially responsible.

You have reached your limit for free articles this month.

Subscription Benefits Include

Today’s Paper

Find mobile-friendly version of articles from the day’s newspaper in one easy-to-read list.

Unlimited Access

Enjoy reading as many articles as you wish without any limitations.

Personalised recommendations

A select list of articles that match your interests and tastes.

Faster pages

Move smoothly between articles as our pages load instantly.

Dashboard

A one-stop-shop for seeing the latest updates, and managing your preferences.

Briefing

We brief you on the latest and most important developments, three times a day.

Support Quality Journalism.

*Our Digital Subscription plans do not currently include the e-paper, crossword and print.



Source link

Leave a Response