![]() ![]() Additionally, SolarWinds' Ramakrishna said the company wants to share what it's learned with other companies, potentially leading to better systems for safeguarding software updates. Currently, the Cybersecurity and Infrastructure Security Agency fields many such reports, and lawmakers advocated for better flow of information to the rest of the government. ![]() Smith and Mandia both expressed support for a requirement that companies share information about intrusions on their systems with the federal government. Further changes could come in several forms. While past major breaches at the Office of Personnel Management, Equifax and the Democratic National Committee prompted some changes, there are still significant weaknesses in the systems that protect US systems. However, as lawmakers discussed at a Senate Intelligence Committee on Wednesday, the hackers also abused services from other companies, not just SolarWinds, to hack about 30% of their targets. Thousands of entities downloaded the tainted update, and hackers then focused in on select targets for further intrusion. The hacking campaign was complex, with attackers poisoning an update to SolarWinds' Orion products with malicious software. "They're winning the modern day arms race, and we need to step up." Worse, they didn't fear any consequences for their actions, he said. ![]() The hacking group showed it could take advantage of myriad weaknesses in US cybersecurity, said Rep. Thompson testified alongside Microsoft President Brad Smith and FireEye CEO Kevin Mandia about the factors that made the hack possible. At the hearing, current SolarWinds CEO Sudhakar Ramakrishna and prior CEO Kevin B. Solutions have long been in the works, but they weren't enough to stop a suspected Russian hacking group from accessing systems at nine federal government agencies and about 100 private companies. Whether it's a lack of cybersecurity personnel, poor communication between private companies and the federal government, or the absence of global standards for acceptable espionage hacking, longstanding issues all came into play. The biggest problems in cybersecurity contributed to the ongoing hacking campaign that weaponized a product update from IT software company SolarWinds, lawmakers and witnesses said at a hearing Friday before the House Oversight and Homeland Securities committees. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |