Senate SolarWinds Hearing: Software Updates Should Be Off the Table for Adversary Hacks
Bombardier latest Accellion victim, APT32 targeted human rights defenders, Mozilla debuts Total Cookie Protection, VMWare fixes multiple RCEs, Ukraine blames Russia for defense website attacks
We’ve got more original content coming for our premium subscribers. Sign up for a premium subscription today!
During a highly anticipated Senate Intelligence Committee hearing, the CEOs of Microsoft, FireEye, SolarWinds, and Crowdstrike fielded a series of questions from well-briefed Senators on the hack of U.S. networks by a foreign adversary, presumably Russia, through a software update issued by SolarWinds.
During the hearing, SolarWinds’ Sudhakar Ramakrishna said it’s still unclear how the hackers gained access to the software it was developing. As he has in the past, Microsoft's Brad Smith called for a digital Geneva Convention to establish cyber norms and urged that infiltration of software updates should be off the table for all adversaries. FireEye’s Kevin Mandia also raised the need for norms in cyberspace and called for action against the SolarWinds perpetrators. “One of the biggest things that any administration would face is you have to impose risks and repercussions to the …
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.