Senators press federal agencies for more information on Russian cyberattack

A group of bipartisan senators is urging key federal agencies to share more information on the recent massive cyberattack attributed to a Russian hacking group that led to the successful breach of multiple agencies. 

Sens. Jerry Moran (R-Kan.), Roger Wicker (R-Miss.), Maria Cantwell (D-Wash.), John Thune (R-S.D.), Richard Blumenthal (D-Conn.) and Jeanne Shaheen (D-N.H.) expressed concerns in a letter this week to the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) over the “alarming” attack on the federal government. Wicker is the chairman of the Commerce Committee and Cantwell is its ranking member.

“We are seeking all available information on the scope and details of the recently exposed vulnerability’s impacts on the U.S. federal government,” the senators wrote. 

The senators’ concerns were raised two days after Reuters first reported that the Treasury Department and a Commerce Department agency had been breached by a nation state as part of an attack on IT company SolarWinds between March and June. 

The company counts a litany of federal agencies and hundreds of U.S. Fortune 500 companies as customers. On Monday, reports emerged that the Department of Homeland Security was also breached, along with branches of the Pentagon and the State Department. 

The Washington Post reported earlier this week that a Russian military intelligence unit known as “Cozy Bear” was behind the attack. The group also allegedly hacked into the State Department during the Obama administration and targeted groups earlier this year involved in COVID-19 research. 

CISA on Sunday night took quick action to halt the ongoing infiltration by the hacking group, issuing an emergency directive ordering all federal agencies to immediately disconnect systems from SolarWinds products within a day. 

The senators in their letter pointed to this step as positive but said it is not enough in the face of what is likely one of the largest cyberattacks in U.S. history.

“While this initial protective step was taken and SolarWinds similarly issued a security advisory, Congress needs to be informed of the size, scope, and details of the cyberattack campaign’s impact on the federal government to appropriately respond to this risk,” the senators wrote. 

The senators asked the agencies to respond to a series of questions around which offices could have been vulnerable to the SolarWinds hack and details around the ongoing investigation into the incident.

Both CISA and the FBI are among the agencies investigating the attack alongside the intelligence community and the National Security Council (NSC). National security adviser Robert O’Brian on Tuesday cut short an overseas trip to return to the U.S. to respond to the crisis, while the NSC announced that a “cyber unified coordination group” had been formed in response to the attack. 

The Senate Commerce Committee was briefed by the Commerce Department on Monday about the breach of the agency’s National Telecommunications and Information Administration. Wicker, Thune and Moran put out a joint statement after the briefing calling for a “swift and clear response” to the attack. 

The Senate Armed Services Committee’s cybersecurity subcommittee was briefed in a classified setting by Defense Department officials Tuesday on the agency’s cybersecurity concerns. Blumenthal, a member of the subcommittee, later cited serious concerns over the breach of the federal government. 

“Stunning. Today’s classified briefing on Russia’s cyberattack left me deeply alarmed, in fact downright scared,” Blumenthal tweeted Tuesday afternoon. “Americans deserve to know what’s going on. Declassify what’s known & unknown.”