Rep. Maloney: Recent Cyberattacks on Government ‘Deeply Concerning, Deeply Distressing’

December 18, 2020 Updated: December 18, 2020

House Oversight and Reform Committee Chair Carolyn Maloney (D-N.Y.) told reporters Friday that she is deeply concerned about the impact of the recent series of cyberattacks against U.S. government computer networks.

“We’re very disturbed. We didn’t get the information we wanted,” Maloney said following a closed-door briefing on Friday.

She said that lawmakers have asked for another briefing Saturday but it’s not certain that will happen. It’s not clear who briefed the lawmakers.

“We’ll find out if we can speak with them. It’s a very broad [attack], they don’t even know how broad it is; it’s very serious. The response is going to take weeks or months. It’s a top national security concern and the president should be all over it … It’s deeply concerning, deeply distressing, and an extreme challenge for our country,” Maloney continued.

As many as 18,000 SolarWinds customers around the globe installed a malicious update to the ubiquitous SolarWinds Orion network management software. The hack, which was first reported by cybersecurity firm FireEye, itself a SolarWinds customer, affected several U.S. government agencies, including the departments of Defense, State, Homeland Security, Energy, Treasury, and Commerce. The hack is believed to be the biggest ever uncovered, prompting the U.S. government to assemble a multi-department task force to respond to the threat.

Maloney’s comments come after her committee and other House committees chairs sent a joint letter (pdf) to Director of National Intelligence (ODNI) John Ratcliffe, Federal Bureau of Investigation Director Christopher Wray, and Acting Secretary of the Department of Homeland Security Chad Wolf, asking them to launch an investigation into the widespread cyberattack.

“Our Committees are seeking information related to the apparent, widespread compromise of multiple federal governments, critical infrastructure, and private sector information technology networks,” the chairs wrote. “While investigations and technical forensic analyses are still ongoing, based on preliminary reporting, it is evident that this latest cyber intrusion could have potentially devastating consequences for U.S. national security.”

After the briefing Friday, Maloney said she was left with more questions than answers. “We specifically asked for the scope of it. What agencies are affected, exactly when, how was the response. It could be embedded in our system now and how do you get it out,” Maloney continued.

Solarwinds
SolarWinds Corp banner hangs at the New York Stock Exchange on the IPO day of the company in New York, N.Y., on Oct. 19, 2018. (Brendan McDermid/Reuters)

Meanwhile, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the ODNI issued a joint statement on Thursday to address the breach.

“This is a developing situation, and while we continue to work to understand the full extent of this campaign, we know this compromise has affected networks within the federal government,” the agencies said in the statement. “CISA took immediate action and issued an Emergency Directive instructing federal civilian agencies to immediately disconnect or power down affected SolarWinds Orion products from their network.”

The White House did not immediately respond to The Epoch Times’ request for comment on the cyberattacks or Friday’s briefing.

“We’re aware of all of these reports. We’re taking all necessary steps to identify and remedy any possible issues related to the situation. As one step in that process, CISA has issued an emergency directive on Sunday night for all federal civilian agencies to review their networks for indicators of compromise and disconnect or to power down SolarWinds, Orion products immediately,” White House press secretary Kayleigh McEnany told a reporter on Dec. 15.

“So, we are taking a hard look at this and, obviously, take any sort of cyber hacks very seriously.”

SolarWinds filed a Securities and Exchange Commission report with updates on the breach in which they confirmed the complexity of the attack.

“On Saturday, December 12, our CEO was advised by an executive at FireEye of a security vulnerability in our Orion Software Platform which was the result of a very sophisticated cyberattack on SolarWinds,” the company, which serves the vast majority of Fortune 500 companies and major U.S. government agencies, wrote.

“We soon discovered that we had been the victim of a malicious cyberattack that impacted our Orion Platform products as well as our internal systems. While security professionals and other experts have attributed the attack to an outside nation-state, we have not independently verified the identity of the attacker,” the filing continues.

“This was a highly sophisticated cyberattack on our systems that inserted a vulnerability within our Orion® Platform products. This particular intrusion is so targeted and complex that experts are referring to it as the SUNBURST attack.”

Ivan Pentchoukov contributed to this report.