Technology executives revealed that historical cybersecurity vulnerabilities affecting approximately 1
The news was made at a hearing on Tuesday by the U.S. Senate Intelligence Selection Committee on the hacking of Texas software company SolarWinds last year. By using SolarWinds and Microsoft programs, hackers believed to be working in Russia were able to penetrate companies and government agencies. Servers operated by Amazon were also used for cyber attacks, but the company refused to send representatives to the hearing.
Representatives of affected companies including SolarWinds, Microsoft, and network security companies FireEye Inc and CrowdStrike Holdings told senators that the true scope of the intrusion is still unknown, because most victims are not required to disclose information about the attack unless they are Sensitive information involving the following: personal. But they described an amazing operation.
Microsoft President Brad Smith (Brad Smith) said that its researchers believe that “at least 1,000 very skilled and capable engineers” have engaged in SolarWinds hacking activities. Smith told the senator: “This is the largest and most complicated operation we have ever seen.”
Smith said that the success of hacking lies in its ability to penetrate the system through conventional processes. SolarWinds acts as a network monitoring software, in-depth research in the infrastructure of information technology systems to find and fix problems, and provide necessary services to companies around the world. Smith said: “The entire world is dependent on software patches and updates.” “Sabotage or tampering with this software is actually tampering with the digital equivalent of our public health service. This puts the entire world at greater risk.”
He added: “It’s a bit like a thief trying to break into an apartment but manages to shut down the alarm system of every house and building in the entire city.” “Everyone’s safety is threatened. This is what we are here to solve The problem.”
Smith said that many of the techniques used by hackers have not yet been discovered, and that the attacker may have used as many as a dozen different methods to gain access to the victim’s network in the past year.
Microsoft disclosed last week that hackers have been able to read the company’s tightly protected source code to understand how its program authenticates users. In many victims, hackers manipulated these programs to access new areas inside the target.
Smith emphasized that this movement was not caused by a programming error on Microsoft’s side, but by poor configuration and other controls on the customer’s side, including “the case where the safe and car keys were forgotten.”
CrowdStrike CEO George Kurtz explained that as far as his company is concerned, hackers used third-party vendors of Microsoft software that had access to the CrowdStrike system, and tried but failed to get into the company’s email. Kurtz blames Microsoft for its complex architecture, which he calls “outdated.”
Kurtz said: “Threat participants took advantage of system flaws in the Windows authentication architecture to allow them to move laterally within the network” and reach the cloud environment, while bypassing multi-factor authentication.
Smith asked Smith to help the government provide remedial guidance for cloud users, and Kurtz said that Microsoft should find its own house and solve the problems of its widely used Active Directory and Azure.
“Microsoft should address the limitations of the authentication architecture around Active Directory and Azure Active Directory, or completely shift to other methods, and completely eliminate the sizeable threat vector from one of the most widely used authentication platforms in the world,” Kurtz said.
Executives advocate improved transparency and information sharing of default rates, a system that provides accountability protection and does not punish those who come forward, similar to airline disaster investigations.
Smith said: “For us, we encourage and sometimes even ask for better sharing of information about cyber attacks is vital to the country.”
Legislators and executives discussed how to more easily and secretly share threat intelligence between competitors and legislators to prevent similar large-scale hacking attacks in the future. They also discussed the reaction of the hackers sponsored by the nation-state. According to the “Washington Post”, it is rumored that the Biden administration is considering imposing sanctions against Russia for hacking attacks.
Virginia Senator Mark Warner said: “This situation may worsen exponentially, and we need to recognize the seriousness of this situation.” “We can’t violate the safety fatalism. We must at least increase the cost of our opponents. “
The lawmakers accused Amazon of not attending the hearing and threatened to force Amazon to testify at a subsequent panel meeting.
“I think [Amazon has] Republican Senator Susan Collins (Susan Collins) said: “We have an obligation to cooperate with this investigation, and I hope they will do so voluntarily.” “If they don’t, I think we should consider the next step.”
Reuters contributed to this report.