Tech executives testify in Solorigate hearing.
Representatives from SolarWinds, Microsoft, FireEye, and CrowdStrike testified before the US Senate Select Committee on Intelligence regarding the Solorigate cyberespionage campaign. According to the Wall Street Journal, SolarWinds CEO Sudhakar Ramakrishna emphasized that the compromise of the company's Orion product was only one aspect of a wide-ranging campaign, and said SolarWinds is still investigating how the attackers gained initial access to its servers.
Microsoft president Brad Smith said there should be an investigation into other companies that may have been used as initial access vectors, stating, "There may be other brand-name players that may have been penetrated that have not been as forthcoming…leaving policy makers and potentially customers in the dark."
CrowdStrike CEO George Kurtz blamed Microsoft's "antiquated" architecture for the failed attack against CrowdStrike. Seeking Alpha quotes Kurtz as saying, "The threat actor took advantage of systemic weaknesses in the Windows authentication architecture, allowing it to move laterally within the network. Should Microsoft address the authentication architecture limitations around Active Directory and Azure Active Directory, or shift to a different methodology entirely, a considerable threat vector would be completely eliminated from one of the world’s most widely used authentication platforms."
FireEye CEO Kevin Mandia said most of the victims targeted in the campaign "were government, consulting, technology, and telecommunications entities in North America."
Amazon was invited to the hearing but declined to attend, stating that it wasn't affected by the hack, according to Business Insider. Amazon Web Services' vice president of public policy Shannon Kellogg stated in a letter, "AWS does not use the SolarWinds Orion software and our services were not compromised in any way, which is why we did not provide formal testimony on the panel yesterday. However, we look forward to continuing our ongoing engagement with you and your committee on cyber security issues. When we learned of SolarWinds, we immediately investigated, ensured we weren’t affected, and provided mitigation measures to help our customers who were. We promptly shared what we learned with the FBI. We’ve also provided detailed briefings to government officials, including Members of Congress and, specifically, to your committee."
Senator Susan Collins (Republican of Maine) said the Committee "should look at next steps" if Amazon declines to participate in the future.