This upcoming Sunday, the people of Venezuela will hold an election that, if legitimate, would put an end to years of the oppressive Maduro narco-regime. U.S. Senator Marco Rubio (R-FL) issued a statement in support of the Venezuelan people: “The...
NOTICIAS
Últimas Noticias
Rubio: “La Tenacidad y Valentía del Pueblo venezolano Estarán a la Vista”
Este próximo domingo, el pueblo venezolano tendrá una elección que, de ser legítima, pondría fin a años de opresión por parte del narco-régimen de Maduro. El senador estadounidense Marco Rubio (R-FL) grabó un mensaje de video en español y emitió una declaración en...
Rubio, Scott, Colleagues to Biden Admin: No Privileges Should Be Given to 9/11 Terrorist
Twenty-three years ago, the United States was attacked by Islamic terrorists on September 11, 2001. Now, Zacarias Moussaoui, the only person convicted in a U.S. court for his role in the attack, has requested the U.S. Department of Justice to allow a prisoner transfer...
Next Week: Rubio Staff Hosts Mobile Office Hours
U.S. Senator Marco Rubio’s (R-FL) office will host virtual Mobile Office Hours next week to assist constituents with federal casework issues in their respective local communities. These office hours offer constituents who do not live close to one of Senator Rubio’s...
Rubio, Colleagues Introduce Ensuring Continuity in Veterans’ Health Act
As the U.S. Department of Veterans Affairs (VA) opens up new facilities, many veterans are losing access to the VA’s Community Care Program and, consequently, their long-term healthcare providers. Veterans throughout the country have reported a loss of care, including...
Rubio Introduces Bill to Strengthen U.S.-India Security Partnership
The U.S.-India partnership is vital to countering influences from Communist China. In order to strengthen this partnership, it is essential to enhance our strategic diplomatic, economic, and military relationship with New Delhi. U.S. Senator Marco Rubio (R-FL)...
Vice Chairman Rubio Opening Statement for SolarWinds Hack Hearing
Washington, D.C. — Senate Select Committee on Intelligence Vice Chairman Marco Rubio (R-FL) and Chairman Mark Warner (D-VA) convened an open hearing to examine the SolarWinds hack.
A livestream of the hearing can be found on the committee’s website here.
Vice Chairman Rubio’s opening remarks as prepared can be found below.
Vice Chairman Rubio: Thank you Mr. Chairman, for convening this hearing.
I’d also like to welcome our witnesses from Microsoft, Fire Eye, SolarWinds, and Crowd Strike who are here to help the Committee’s examination of the largest cyber supply chain operation ever detected.
We appreciate you being with us this afternoon.
I would note that we also extended an invitation to Amazon to participate and they chose not to.
The operation we will be discussing today utilized Amazon’s infrastructure, at least in part, to be successful. I had hoped Amazon would provide their cooperation.
This cyber operation involved the modification of the SolarWinds Orion platform – a widely used software product– to include a malicious backdoor that was downloaded by up to 18,000 SolarWinds customers between March and June 2020.
Perhaps most insidious about the operation was that it hijacked the very security advice promulgated by computer security professionals to verify and apply patches as they are issued.
There are many concerning aspects to this operation that raise significant questions.
One, my understanding is that if FireEye had not investigated an anomalous event within their own network in November 2020, it is quite possible that this operation would be continuing, unfettered today.
Despite the investment that we have made in cybersecurity, collectively between the government and the private sector, no one detected this activity earlier – and this actor was within SolarWinds network since at least September 2019.
Put simply, how did we miss this? What are we still missing? And what do we need to do to make sure we don’t miss it again?
Second, what exactly did these actors do? Based on what we know – to include what government has stated publicly – the actor seems to have undertaken follow-on operations against a very small subset of the 18,000 networks to which they potentially had access.
Aside from the mechanical aspects of removing a hacker from a network, what do we know about why these actors chose the targets they did, what actions they undertook within those victim networks, and what do we know that we do not know?
And perhaps most importantly, who has the single, comprehensive view of the totality of activity undertaken by this actor?
Third, what is it going to take to rebuild and have confidence in our networks? In speaking with several of you, one of the hallmarks of this operation was the great care taken by the adversary to use bespoke infrastructure and tradecraft for each victim.
Unlike other malware or ransomware clean-up operations, there is no template here that can be used for remediation. What is it going to take to have confidence in both government and private sector networks again?
Fourth, what do we need to do to raise the bar for the cybersecurity of this nation? Is cyber deterrence an achievable goal? How do we need to enhance cybersecurity information logging and sharing across the spectrum to protect against APTs in the future?
And finally, though this is a question for the government, rather than the witnesses here today – what does the United States need to do to respond to this operation?
Government officials initially stated that this was an intelligence gathering operation. Just recently, however, the White House stated, “when there is a compromise of this scope and scale, both across government and across the U.S. technology sector to lead to follow-on intrusions, it is more than a single incident of espionage; it’s fundamentally of concern for the ability for this to become disruptive.”
While I share the concern that an operation of this scale with a disruptive intent could have caused mass chaos, those are not the facts that are in front of us.
Everything we have seen thus far indicates that this was an intelligence operation – a rather successful one – that was ultimately disrupted.
While there are myriad ways for sovereign states to respond, I caution against using terms like “attack” and “act of war” in relation to this operation, unless the facts lead us there. The Chairman knows I always advocate for standing up to our adversaries, but I want to know today what the actor’s intent seemed to be and the extent of the damage.
This Committee, and the rest of the Congress, should consider what policies we need to pursue to better defend our critical networks.
In order to get a fuller view of the problem perhaps we should consider mandating certain types of reporting as it relates to cyber-attacks.
We must improve the information sharing between the federal government and private sector. I look forward to being an active and constructive participant in these debates.
With that, we welcome you and thank you for your testimony and the insights you will share with us and the American people today. It is important that the public understand the current, persistent information conflict the United States finds itself in against nation state adversaries like Russia, China, Iran, and North Korea.
Thank you, Mr. Chairman.