US House committees to hold hearings over widespread cyber attacks

The US House of Representatives’ Oversight and Homeland Security committees will hold a joint hearing on Friday 26 February on cybersecurity incidents ­– including the recent attacks targeting SolarWinds software.

In a statement on Monday, the committees said that top executives from SolarWinds, FireEye and Microsoft will testify at the hearing.

The investigation follows a number of serious hacking incidents at the tail end of 2020 targeting US organisations which have been linked to Russian involvement.

Kevin Mandia, the CEO of the cyber-security firm FireEye that identified the large-scale hacking of US government agencies, has previously claimed it has “genuinely impacted” around 50 organisations.

He said that while some 18,000 organisations had the malicious code in their networks, it was the 50 who suffered major breaches.

The US Treasury and departments of homeland security, state and defence are known to have been targeted.

The head of the UK’s communications intelligence service GCHQ has described the major security breaches at US software firms as “serious events”, as British intelligence officials investigate the level of UK exposure.

US Secretary of State Mike Pompeo has blamed Russia for the hack, as have the chairs of the Senate and House of Representatives’ intelligence committees.

As reported by Emerging Risks, FireEye, one of the largest cybersecurity companies in the United States, disclosed in a Securities and Exchange Commission note mid-December that it had become the latest victim of a targeted cyber hacking.

The company suggested that the breach was most likely by a foreign government, leading to the theft of an array of internal hacking tools typically used to test the cyber defences of its clients.

Despite Russia’s denials of the “baseless” claims, many in the US intelligence community suspect the Russian government is responsible.