Top executives at Texas-based software company SolarWinds, Microsoft and cybersecurity firms FireEye and CrowdStrike Holdings defended their conduct in breaches allegedly by Russian hackers, and sought to shift responsibility elsewhere in testimony to a US Senate panel on Tuesday.
One of the worst hacks yet discovered had an impact on all four. SolarWinds and Microsoft programs were used to attack others, and the hack struck about 100 US companies and nine federal government agencies.
US lawmakers started the hearing by criticizing Amazon.com representatives, who they said were invited to testify and whose servers were used to launch the cyberattack, for declining to attend the hearing.
“I think they have an obligation to cooperate with this inquiry, and I hope they will voluntarily do so,” US Senator Susan Collins said. “If they don’t, I think we should look at next steps.”
The executives argued for greater transparency and information sharing about breaches, with liability protections and a system that does not punish those who come forward, similar to airline disaster investigations.
Microsoft president Brad Smith and others told the US Senate Select Committee on Intelligence that the true scope of the intrusions is still unknown, because most victims are not legally required to disclose attacks unless they involve sensitive information about individuals.
Also testifying were FireEye CEO Kevin Mandia, whose company was the first to discover the hackers; SolarWinds CEO Sudhakar Ramakrishna, whose company’s software was hijacked by the spies to break in to a host of other organizations; and CrowdStrike CEO George Kurtz, whose company is helping SolarWinds recover from the breach.
“It’s imperative for the nation that we encourage and sometimes even require better information-sharing about cyberattacks,” Smith said, adding that many techniques used by the hackers have not come to light and that “the attacker might have used up to a dozen different means of getting into victim networks during the past year.”
Microsoft last week disclosed that the hackers had been able to read the company’s closely guarded source code for how its programs authenticate users. At many of the victims, the hackers manipulated those programs to access new areas inside their targets.
Smith said that such movement was not due to programming errors on Microsoft’s part, but on poor configurations and other controls on the customer’s part, including cases “where the keys to the safe and the car were left out in the open.”
In CrowdStrike’s case, hackers used a third-party vendor of Microsoft software, which had access to CrowdStrike systems, and tried, but failed, to get into the company’s e-mail servers.
Kurtz turned the blame on Microsoft for its complicated architecture, which he called “antiquated.”
“The threat actor took advantage of systemic weaknesses in the Windows authentication architecture, allowing it to move laterally within the network” and reach the cloud environment while bypassing multifactor authentication, Kurtz’s prepared statement said.
Where Smith appealed for US government help in providing remedial instruction for cloud users, Kurtz said that Microsoft should look to its own house, and fix problems with its widely used Active Directory and Azure services.
“Should Microsoft address the authentication architecture limitations around Active Directory and Azure Active Directory, or shift to a different methodology entirely, a considerable threat vector would be completely eliminated from one of the world’s most widely used authentication platforms,” Kurtz said.
Alex Stamos, a former Facebook and Yahoo security official now consulting for SolarWinds, agreed with Microsoft that customers who split their resources between their own premises and Microsoft’s cloud are especially at risk, because skilled hackers can move back and forth, and recommended that they move wholly to the cloud.
The Australian government yesterday said that it had decided against buying the single-dose Johnson & Johnson (J&J) COVID-19 vaccine and identified a second case of a rare blood clot likely linked to the AstraZeneca shot. The Australian government had been in talks with the New Jersey-based pharmaceutical giant, which had asked the Australian Therapeutic Goods Administration for provisional registration. However, Australian Minister of Health Greg Hunt ruled out a J&J contract, because its vaccine was similar to the AstraZeneca product, which Australia had already contracted for 53.8 million doses. Hunt said the government was following the advice of Australia’s scientific and technical advisory
The Indonesian government has said it is satisfied with the effectiveness of the Chinese COVID-19 vaccine it has been using, after China’s top disease control official said that current vaccines offer low protection against the novel coronavirus. Siti Nadia Tarmizi, a spokesperson for Indonesia’s COVID-19 vaccine program, on Monday said the WHO had found that the Chinese vaccines had met requirements by being more than 50 percent effective. Clinical trials in Indonesia for the vaccine from Chinese drugmaker Sinovac showed that it was 65 percent effective, she said. “It means ... the ability to form antibodies in our bodies is still very
The Oscars are the glitziest night of the year in Hollywood and millions across the globe tune in, but they threaten to be a dud in China after the nomination of a Hong Kong protest documentary. Beijing-born filmmaker Chloe Zhao (趙婷), who is touted to win big for her acclaimed American road movie Nomadland, has also faced criticism back home after some questioned her loyalty to China. China has spent years “pining for Hollywood accolades,” entertainment magazine Variety said, and state broadcaster China Central Television has shown the awards live or on a delay since 2003. Online platforms in China, the world’s fastest-growing
FEARING THE WORST: High-powered weapons, as well as a hand grenade, were used in fighting between two clans over a land ownership dispute that is expected to continue Police are warning an “all-out war” could erupt in Papua New Guinea’s Eastern Highlands Province, after 19 people were killed in tribal violence last week. High-powered weapons, as well as a hand grenade, were used in fighting on Thursday and Friday near a town called Kainantu, resulting in 19 deaths, with many more people unaccounted for and properties destroyed. The fighting, between the Agarabi and Tapo clans, was over a land ownership dispute and broke out just kilometers outside of Kainantu. Police said it is believed that the fighting stopped on Saturday and Sunday as some fighters observed the Sabbath, but they fear