|
Texas software company SolarWinds Corp's Chief Executive
Sudhakar Ramakrishna, Microsoft Corp President Brad Smith, and
FireEye Inc Chief Executive Kevin Mandia were due to address a
joint hearing of the House Committees on Oversight and Reform
and Homeland Security.
Their appearance comes three days after the trio testified
before U.S. senators over the massive breach, which has ensnared
nine American government agencies and more than 100 other
organizations. SolarWinds' former chief executive - Kevin
Thompson, who stepped down shortly before the breach was
announced - was also due to testify.
Hackers allegedly working for Moscow surreptitiously subverted
SolarWinds' software to infiltrate their targets, spending
months inside government networks before they were identified.
Other techniques - including some still unknown - are believed
to have been used as well. Lawmakers and executive branch
experts alike are puzzling out how far the hackers got and who
might be to blame.
Some have alleged that lax security practices at SolarWinds led
to the breach. Others have laid blame at Microsoft's door,
saying that a failure to fix known problems with its cloud
software authentication infrastructure helped speed the hackers'
progress across networks. [L1N2KV071]
Speaking to senators on Tuesday, Microsoft's Smith blamed poor
configurations and other controls on the customer's part,
including cases "where the keys to the safe and the car were
left out in the open." [L1N2KT1QK]
CrowdStrike Holdings Inc Chief Executive George Kurtz - who
addressed senators Tuesday but will not be returning Friday -
said Microsoft's "antiquated" architecture was partially
responsible.
(Reporting by Raphael Satter; Editing by Stephen Coates)
[© 2021 Thomson Reuters. All rights
reserved.] Copyright 2021 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content.
|
|
