As Congress gears up to press CEOs from SolarWinds, Microsoft, CrowdStrike, and FireEye about the massive data breach that impacted several U.S. government agencies and nearly 18,000 SolarWinds customers last year, Senator Mark Warner (D-Va.) said that aside from getting to the bottom of the hack, there needs to be a clear message sent that cyber warfare against the United States will not be tolerated.

"We need to have some common standards where we warn our adversaries that you take this kind of action, there's going to be consequences," Warner told Cheddar. 

Last month, law enforcement, security, and intelligence agencies released a joint statement following an investigation into the breach that said Russia was the likely culprit, though the Biden White House has yet to release a statement on the findings. According to Warner, it isn't a question if Russia is engaging in "asymmetrical warfare" but rather how the U.S. will respond.

"For a long time in America, because we are so I.T. dependent because we are so technology-driven, we were reluctant to hold the bad guys accountable," he said. "We saw that when the Chinese attacked the OPM files of all the government employees or when they attacked Equifax, 150 million Americans had their personal information exfiltrated. We were reluctant to punch back because we were afraid of cyber escalation." 

"We can't be timid in this space going forward," Warner stated. 

When it comes to grilling the tech companies during the Senate Intelligence Committee hearing, Warner said he plans to press them about avoiding future incidents, what methods of protection are being adopted, and if other cloud-based systems are currently susceptible to similar attacks. 

Though Russia has been implicated by U.S. intelligence agencies in the recent attack, the senator said he believes the affected businesses had a responsibility to protect their customers, have to be held liable as well, and be held to mandatory reporting rules.

"There were certain things, obviously, SolarWinds could have done better, but when we're dealing with a tier-one adversary, bringing their A-team, very few private sector companies, on their own, can prevent an intrusion," Warner noted. "But that does not mean that suddenly we're going to let these private sector companies off the hook for having responsible cyber hygiene behavior because even if the bad guys get in if you've got good cyber hygiene, you can spot them earlier."

Share:
More In Politics
Biden Signing Wide-Range Executive Order on Artificial Intelligence
President Joe Biden on Monday will sign a sweeping executive order to guide the development of artificial intelligence — requiring industry to develop safety and security standards, introducing new consumer protections and giving federal agencies an extensive to-do list to oversee the rapidly progressing technology.
Mike Pence Drops Out of Presidential Race
Former Vice President Mike Pence dropped his bid for the Republican presidential nomination on Saturday after struggling to raise money and gain traction in the polls.
Load More