Top executives at Texas-based software company SolarWinds, Microsoft and cybersecurity firms FireEye and CrowdStrike Holdings defended their conduct in breaches allegedly by Russian hackers, and sought to shift responsibility elsewhere in testimony to a US Senate panel on Tuesday.
One of the worst hacks yet discovered had an impact on all four. SolarWinds and Microsoft programs were used to attack others, and the hack struck about 100 US companies and nine federal government agencies.
US lawmakers started the hearing by criticizing Amazon.com representatives, who they said were invited to testify and whose servers were used to launch the cyberattack, for declining to attend the hearing.
Photo: Bloomberg
“I think they have an obligation to cooperate with this inquiry, and I hope they will voluntarily do so,” US Senator Susan Collins said. “If they don’t, I think we should look at next steps.”
The executives argued for greater transparency and information sharing about breaches, with liability protections and a system that does not punish those who come forward, similar to airline disaster investigations.
Microsoft president Brad Smith and others told the US Senate Select Committee on Intelligence that the true scope of the intrusions is still unknown, because most victims are not legally required to disclose attacks unless they involve sensitive information about individuals.
Also testifying were FireEye CEO Kevin Mandia, whose company was the first to discover the hackers; SolarWinds CEO Sudhakar Ramakrishna, whose company’s software was hijacked by the spies to break in to a host of other organizations; and CrowdStrike CEO George Kurtz, whose company is helping SolarWinds recover from the breach.
“It’s imperative for the nation that we encourage and sometimes even require better information-sharing about cyberattacks,” Smith said, adding that many techniques used by the hackers have not come to light and that “the attacker might have used up to a dozen different means of getting into victim networks during the past year.”
Microsoft last week disclosed that the hackers had been able to read the company’s closely guarded source code for how its programs authenticate users. At many of the victims, the hackers manipulated those programs to access new areas inside their targets.
Smith said that such movement was not due to programming errors on Microsoft’s part, but on poor configurations and other controls on the customer’s part, including cases “where the keys to the safe and the car were left out in the open.”
In CrowdStrike’s case, hackers used a third-party vendor of Microsoft software, which had access to CrowdStrike systems, and tried, but failed, to get into the company’s e-mail servers.
Kurtz turned the blame on Microsoft for its complicated architecture, which he called “antiquated.”
“The threat actor took advantage of systemic weaknesses in the Windows authentication architecture, allowing it to move laterally within the network” and reach the cloud environment while bypassing multifactor authentication, Kurtz’s prepared statement said.
Where Smith appealed for US government help in providing remedial instruction for cloud users, Kurtz said that Microsoft should look to its own house, and fix problems with its widely used Active Directory and Azure services.
“Should Microsoft address the authentication architecture limitations around Active Directory and Azure Active Directory, or shift to a different methodology entirely, a considerable threat vector would be completely eliminated from one of the world’s most widely used authentication platforms,” Kurtz said.
Alex Stamos, a former Facebook and Yahoo security official now consulting for SolarWinds, agreed with Microsoft that customers who split their resources between their own premises and Microsoft’s cloud are especially at risk, because skilled hackers can move back and forth, and recommended that they move wholly to the cloud.
‘IN A DIFFERENT PLACE’: The envoy first visited Shanghai, where he attended a Chinese basketball playoff match, and is to meet top officials in Beijing tomorrow US Secretary of State Antony Blinken yesterday arrived in China on his second visit in a year as the US ramps up pressure on its rival over its support for Russia while also seeking to manage tensions with Beijing. The US diplomat tomorrow is to meet China’s top brass in Beijing, where he is also expected to plead for restraint as Taiwan inaugurates president-elect William Lai (賴清德), and to raise US concerns on Chinese trade practices. However, Blinken is also seeking to stabilize ties, with tensions between the world’s two largest economies easing since his previous visit in June last year. At the
Nearly half of China’s major cities are suffering “moderate to severe” levels of subsidence, putting millions of people at risk of flooding, especially as sea levels rise, according to a study of nationwide satellite data released yesterday. The authors of the paper, published by the journal Science, found that 45 percent of China’s urban land was sinking faster than 3mm per year, with 16 percent at more than 10mm per year, driven not only by declining water tables, but also the sheer weight of the built environment. With China’s urban population already in excess of 900 million people, “even a small portion
UNSETTLING IMAGES: The scene took place in front of TV crews covering the Trump trial, with a CNN anchor calling it an ‘emotional and unbelievably disturbing moment’ A man who doused himself in an accelerant and set himself on fire outside the courthouse where former US president Donald Trump is on trial has died, police said yesterday. The New York City Police Department (NYPD) said the man was declared dead by staff at an area hospital. The man was in Collect Pond Park at about 1:30pm on Friday when he took out pamphlets espousing conspiracy theories, tossed them around, then doused himself in an accelerant and set himself on fire, officials and witnesses said. A large number of police officers were nearby when it happened. Some officers and bystanders rushed
Beijing is continuing to commit genocide and crimes against humanity against Uyghurs and other Muslim minorities in its western Xinjiang province, U.S. Secretary of State Antony Blinken said in a report published on Monday, ahead of his planned visit to China this week. The State Department’s annual human rights report, which documents abuses recorded all over the world during the previous calendar year, repeated language from previous years on the treatment of Muslims in Xinjiang, but the publication raises the issue ahead of delicate talks, including on the war in Ukraine and global trade, between the top U.S. diplomat and Chinese