The four are expected to argue for more – or even mandatory – transparency in the national response against cyberespionage, which has long been hobbled by secrecy and a widespread reluctance to identify publicly as victims of hacking.
Reuters
February 23, 2021 / 09:35 PM IST
Reuters
Top executives at Texas-based software company SolarWinds, digital giant Microsoft and cybersecurity firms FireEye and CrowdStrike are expected on Tuesday to defend their companies’ responses to a sprawling series of breaches blamed on Russian hackers when they face the U.S. Senate’s Select Committee on Intelligence.
The four are expected to argue for more – or even mandatory – transparency in the national response against cyberespionage, which has long been hobbled by secrecy and a widespread reluctance to identify publicly as victims of hacking.
The four companies are key players in the response against a spectacular set of intrusions that have allowed alleged Russian spies to run amok across American networks, compromising a total of nine federal agencies and 100 private-sector companies in what Microsoft’s president Brad Smith described as the “largest and most sophisticated attack the world has ever seen.”
Smith was among those to testify on Tuesday. The others were FireEye chief executive Kevin Mandia, whose company was the first to discover the hackers, SolarWinds chief executive Sudhakar Ramakrishna, whose company’s software was hijacked by the spies to break into a host of other organizations, and CrowdStrike chief executive George Kurtz, whose company is helping SolarWinds recover from the breach.
They and others have hinted that the true scope of the breaches is far wider than is publicly known, in part because embarrassed executives at other companies are trying to keep their role in the cyberespionage campaign a secret.
According to an excerpt of his testimony released in advance, Microsoft’s Smith is expected to say that “too many cyberattack victims keep information to themselves. We will not solve this problem through silence.
“It’s imperative for the nation that we encourage and sometimes even require better information-sharing about cyberattacks,” the excerpt said.