The US Senate is grilling Microsoft and SolarWinds over last year’s historic cyberattack

SolarWinds Corp. banner hangs at the New York Stock Exchange (NYSE) on the IPO day of the company in New York.

  • US Senators are questioning the tech firms involved in last year’s sweeping cyberattack.
  • SolarWinds, Microsoft, FireEye, and CrowdStrike are all testifying in the Tuesday hearing, which you can livestream below.
  • Hackers installed malware into SolarWinds’ software, which was then distributed to the firm’s clients.
  • Visit the Business section of Insider for more stories.

The US Senate is questioning the chief exeutives of SolarWinds and other tech firms in a hearing Tuesday after unknown attackers, with suspected links to Russia, infiltrated the company’s software last year, compromising thousands of organizations including major federal agencies.

SolarWinds is joined in the hearing by FireEye, the cybersecurity firm that first discovered the malware in December, as well as Microsoft, whose president, Brad Smith, is present at the proceedings. CrowdStrike CEO George Kurtz will also testify; his cybersecurity firm was apparently able to stave off the hackers.

The cyberattack began in March of last year and went undetected for months. SolarWinds told the SEC that about 18,000 of its 300,000 clients were targeted in the attack. High-level government data was left exposed – the Trump administration confirmed in December that hackers had indeed infiltrated key networks, including the US Treasury and the Commerce Department. 

Read more: Why the impact of the unprecedented SolarWinds hack that hit federal agencies is ‘gargantuan’ and could hurt thousands of companies, according to cybersecurity experts

Fortune 500 companies – including Microsoft, AT&T, and McDonald’s – were among SolarWinds’ vulnerable customer base. Microsoft has said its products, including its Office 365 suite and Azure cloud, were not used in the hack, but they were targeted, with the attackers making off with some of its source code. And FireEye researchers say the hackers appear to be able to send emails and access calendars on Microsoft’s 365 suite.

Read more: Microsoft said its software and tools were not used ‘in any way’ in the SolarWinds attacks. New findings suggest a more complicated role

The White House has said it may respond to the SolarWinds hacks in a matter of weeks, which could include sanctions against the Russian government.

As Insider reported, Tuesday’s hearing will be a pivotal moment in the relationship between the US government and the cybersecurity world, namely how the industry can help federal officials stave off nation-state attacks in the future.

You can watch the live stream below. Follow along here for live updates from the hearing.

Chairman Mark Warner said the committee invited Amazon to attend the hearing but the company declined

Sen. Warner kicked off the hearing and noted that Amazon declined the Senate’s invitation to testify in Tuesday’s hearing. Sen. Marco Rubio also touched on the company’s lack of participation and said, “it would be most helpful in the future if they actually attended these hearings.” Amazon did not immediately respond to Insider’s request for comment.

Microsoft president Brad Smith said the attack’s full scope is still unfolding

In his opening statement, Smith said there’s much that we still don’t know regarding the extent of the cyberattack and that there must be reform to the relationship between Silicon Valley’s cybersecurity arm and the federal government. He also said he believes that Russia is behind the attack.

FireEye CEO Kevin Mandia used his opening statement to declare the attack as behind “exceptionally hard to detect” and also later said that this was a planned hack. “The question is where’s the next one? And where are we going to find it?” Mandia said.  

Microsoft’s Smith believes all the evidence points to Russia

Smith said earlier that “at this stage we’ve seen substantial evidence that points to the Russian foreign embassy and we’ve seen no evidence that points to anyone else.”

Mandia and CrowdStrike CEO George Kurtz agreed that the attacker was a nation-state actor. However, neither confirmed who they thought was exactly behind it. Mandia did say that his company analyzed forensics and found that it’s “most consistent with espionage and behaviors we’ve seen out of Russia.”

Read the original article on Business Insider