The US House committees on homeland security and on oversight and reform will host a hearing on the SolarWinds hack this week, they announced Monday. The hearing on Feb. 26 will see SolarWinds CEO Sudhakar Ramakrishna, former SolarWinds CEO Kevin Thompson, Microsoft president Brad Smith and FireEye CEO Kevin Mandia testify.
The hearing will look into the role of private companies in preventing, investigating and remediating cyberattacks that affect the government and cause damage to our national security.
The hearings follow last year’s SolarWinds hack, which US intelligence agencies in early January.
“This work indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks,” said a joint statement from the FBI, NSA, Cybersecurity and Infrastructure Security Agency, and Office of the Director of National Intelligence. “At this time, we believe this was, and continues to be, an intelligence gathering effort.”
The hack started around March 2020, when hackers compromised IT management software from Texas-based SolarWinds. The hackers placed malicious code in a SolarWinds software update, and around 18,000 of the company’s customers, in both the private and the public sectors, installed the tainted update.
The breach reportedly included an email system used by senior leadership at the Treasury Department. Government officials have confirmed breaches at the Treasury Department as well as the departments of Energy and Commerce. The hack also reportedly hit the Department of Homeland Security, the Pentagon and the State Department, as well as the National Institutes of Health and the National Nuclear Security Administration.
The hearing — called “Weathering the Storm: The Role of Private Tech in the SolarWinds Breach and Ongoing Campaign” — starts at 9 a.m. ET on Feb. 26, and you can watch it on YouTube or the Committee on Oversight and Reform website.