House panels launch probe into massive cyberattack that breached federal agencies
Two key House panels on Thursday announced a joint investigation into the massive cyberattack that hit multiple federal agencies, in what may be one of the most damaging digital intrusions in years.
Homeland Security Committee Chairman Bennie Thompson (D-Miss.) and Oversight and Reform Committee Chairwoman Carolyn Maloney (D-N.Y.) informed top intelligence officials that they will be investigating the breach of SolarWinds systems, which then led to the Commerce and Treasury departments falling victim to the intrusions.
The State Department, Department of Homeland Security and the National Institutes of Health were also impacted in the breach, according to The Washington Post, and the list is growing.
“Our Committees are seeking information related to the apparent, widespread compromise of multiple federal government, critical infrastructure, and private sector information technology networks,” the chairs wrote in a letter to the leaders of the FBI, Director of National Intelligence (DNI) and the Department of Homeland Security (DHS).
“While investigations and technical forensic analyses are still ongoing, based on preliminary reporting, it is evident that this latest cyber intrusion could have potentially devasting consequences for U.S. national security,” it reads.
Some reports have suggested that hackers working for Russia were monitoring the email traffic at Treasury and Commerce departments. Moscow has denied involvement in the intrusions.
DHS’s Cybersecurity and Infrastructure Security Agency (CISA) issued a rare emergency directive this week that orders federal agencies to “disconnect or power down SolarWinds Orion products … from their network[s].”
The full impact of the hack is still being assessed.
The two committees are asking FBI Director Christopher Wray, DNI John Ratcliffe and acting Homeland Security Secretary Chad Wolf for a classified briefing on Friday about the hack and the extent of its fallout.
FireEye, a major cybersecurity firm, was also hacked and it uncovered, through its own probe, that SolarWinds was hit in the intrusion.
SolarWinds, which makes network management software, represents a long list of big-name clients, from the White House and various federal agencies, to major banks and Fortune 500 companies.
The Hill has removed its comment section, as there are many other forums for readers to participate in the conversation. We invite you to join the discussion on Facebook and Twitter.