Top executives at Texas-based software company SolarWinds, Microsoft and cybersecurity firms FireEye and CrowdStrike Holdings defended their conduct in breaches allegedly by Russian hackers, and sought to shift responsibility elsewhere in testimony to a US Senate panel on Tuesday.
One of the worst hacks yet discovered had an impact on all four. SolarWinds and Microsoft programs were used to attack others, and the hack struck about 100 US companies and nine federal government agencies.
US lawmakers started the hearing by criticizing Amazon.com representatives, who they said were invited to testify and whose servers were used to launch the cyberattack, for declining to attend the hearing.
Photo: Bloomberg
“I think they have an obligation to cooperate with this inquiry, and I hope they will voluntarily do so,” US Senator Susan Collins said. “If they don’t, I think we should look at next steps.”
The executives argued for greater transparency and information sharing about breaches, with liability protections and a system that does not punish those who come forward, similar to airline disaster investigations.
Microsoft president Brad Smith and others told the US Senate Select Committee on Intelligence that the true scope of the intrusions is still unknown, because most victims are not legally required to disclose attacks unless they involve sensitive information about individuals.
Also testifying were FireEye CEO Kevin Mandia, whose company was the first to discover the hackers; SolarWinds CEO Sudhakar Ramakrishna, whose company’s software was hijacked by the spies to break in to a host of other organizations; and CrowdStrike CEO George Kurtz, whose company is helping SolarWinds recover from the breach.
“It’s imperative for the nation that we encourage and sometimes even require better information-sharing about cyberattacks,” Smith said, adding that many techniques used by the hackers have not come to light and that “the attacker might have used up to a dozen different means of getting into victim networks during the past year.”
Microsoft last week disclosed that the hackers had been able to read the company’s closely guarded source code for how its programs authenticate users. At many of the victims, the hackers manipulated those programs to access new areas inside their targets.
Smith said that such movement was not due to programming errors on Microsoft’s part, but on poor configurations and other controls on the customer’s part, including cases “where the keys to the safe and the car were left out in the open.”
In CrowdStrike’s case, hackers used a third-party vendor of Microsoft software, which had access to CrowdStrike systems, and tried, but failed, to get into the company’s e-mail servers.
Kurtz turned the blame on Microsoft for its complicated architecture, which he called “antiquated.”
“The threat actor took advantage of systemic weaknesses in the Windows authentication architecture, allowing it to move laterally within the network” and reach the cloud environment while bypassing multifactor authentication, Kurtz’s prepared statement said.
Where Smith appealed for US government help in providing remedial instruction for cloud users, Kurtz said that Microsoft should look to its own house, and fix problems with its widely used Active Directory and Azure services.
“Should Microsoft address the authentication architecture limitations around Active Directory and Azure Active Directory, or shift to a different methodology entirely, a considerable threat vector would be completely eliminated from one of the world’s most widely used authentication platforms,” Kurtz said.
Alex Stamos, a former Facebook and Yahoo security official now consulting for SolarWinds, agreed with Microsoft that customers who split their resources between their own premises and Microsoft’s cloud are especially at risk, because skilled hackers can move back and forth, and recommended that they move wholly to the cloud.
Two medieval fortresses face each other across the Narva River separating Estonia from Russia on Europe’s eastern edge. Once a symbol of cooperation, the “Friendship Bridge” connecting the two snow-covered banks has been reinforced with rows of razor wire and “dragon’s teeth” anti-tank obstacles on the Estonian side. “The name is kind of ironic,” regional border chief Eerik Purgel said. Some fear the border town of more than 50,0000 people — a mixture of Estonians, Russians and people left stateless after the fall of the Soviet Union — could be Russian President Vladimir Putin’s next target. On the Estonian side of the bridge,
DIPLOMATIC THAW: The Canadian prime minister’s China visit and improved Beijing-Ottawa ties raised lawyer Zhang Dongshuo’s hopes for a positive outcome in the retrial China has overturned the death sentence of Canadian Robert Schellenberg, a Canadian official said on Friday, in a possible sign of a diplomatic thaw as Canadian Prime Minister Mark Carney seeks to boost trade ties with Beijing. Schellenberg’s lawyer, Zhang Dongshuo (張東碩), yesterday confirmed China’s Supreme People’s Court struck down the sentence. Schellenberg was detained on drug charges in 2014 before China-Canada ties nosedived following the 2018 arrest in Vancouver of Huawei chief financial officer Meng Wanzhou (孟晚舟). That arrest infuriated Beijing, which detained two Canadians — Michael Spavor and Michael Kovrig — on espionage charges that Ottawa condemned as retaliatory. In January
Jeremiah Kithinji had never touched a computer before he finished high school. A decade later, he is teaching robotics, and even took a team of rural Kenyans to the World Robotics Olympiad in Singapore. In a classroom in Laikipia County — a sparsely populated grasslands region of northern Kenya known for its rhinos and cheetahs — pupils are busy snapping together wheels, motors and sensors to assemble a robot. Guiding them is Kithinji, 27, who runs a string of robotics clubs in the area that have taken some of his pupils far beyond the rural landscapes outside. In November, he took a team
SHOW OF SUPPORT: The move showed that aggression toward Greenland is a question for Europe and Canada, and the consequences are global, not just Danish, experts said Canada and France, which adamantly oppose US President Donald Trump’s wish to control Greenland, were to open consulates in the Danish autonomous territory’s capital yesterday, in a strong show of support for the local government. Since returning to the White House last year, Trump has repeatedly insisted that Washington needs to control the strategic, mineral-rich Arctic island for security reasons. Trump last month backed off his threats to seize Greenland after saying he had struck a “framework” deal with NATO chief Mark Rutte to ensure greater US influence. A US-Denmark-Greenland working group has been established to discuss ways to meet Washington’s security concerns
RSS