House panels launch probe into massive cyberattack that breached federal agencies

Dec 17, 2020
In The News

Two key House panels on Thursday announced a joint investigation into the massive cyberattack that has impacted multiple federal agencies, in what may be one of the most damaging digital intrusions in years.

Homeland Security Committee Chairman Bennie Thompson (D-Miss.) and Oversight and Reform Committee Chairwoman Carolyn Maloney (D-N.Y.) informed top intelligence officials that they will be probing the breach of SolarWinds systems, which then led the Commerce and Treasury departments also fell victim to the intrusions. 

The State Department and the National Institutes of Health were also impacted in the breach, according to The Washington Post, and the list is growing. 

“Our Committees are seeking information related to the apparent, widespread compromise of multiple federal government, critical infrastructure, and private sector information technology networks,” the chairs wrote in their letter to the leaders of the FBI, Director of National Intelligence (DNI) and the Department of Homeland Security (DHS).

“While investigations and technical forensic analyses are still ongoing, based on preliminary reporting, it is evident that this latest cyber intrusion could have potentially [devastating] consequences for U.S. national security,” it reads.

Some reports have suggested that hackers working for Russia were monitoring the email traffic at Treasury and Commerce departments. Moscow has denied involvement in the intrusions.

DHS's Cybersecurity and Infrastructure Security Agency (CISA) issued a rare emergency directive this week that orders federal agencies to “disconnect or power down SolarWinds Orion products … from their network[s].”  

The full impact of the hack is still being assessed.  

The two committees are asking FBI Director Christopher Wray, DNI John Ratcliffe, and DHS Secretary Chad Wolf for a classified briefing on Friday about the hack and the extent of its fallout. 

FireEye, a major cybersecurity firm, was also hacked and it uncovered, through its own probe, that SolarWinds was hit in the intrusion.

SolarWinds, which makes network management software, represents a long list of big-name clients, from the White House and various federal agencies, to major banks and Fortune 500 companies.