Members of Congress 'left with more questions than answers' after classified briefing about SolarWinds, saying administration 'unwilling to share the full scope of the breach'
- Lawmakers heard from the Department of Homeland Security, the Federal Bureau of Investigation, and the Office of the Director of National Intelligence in a classified meeting today regarding the SolarWinds hack.
- A statement issued afterwards said that, "Administration officials were unwilling to share the full scope of the breach and identities of the victims."
- President Trump has largely stayed silent in what is being analyzed as one of the most sophisticated hacks targeting the US government in history.
In a classified meeting on Friday, lawmakers from the House Homeland Security and Oversight Committees received a briefing on the known extent of the mass hacking campaign against the US government.
Lawmakers heard from the Department of Homeland Security, the Federal Bureau of Investigation, and the Office of the Director of National Intelligence.
In a statement issued afterward, the committees' chairs said that after hearing from the Trump Administration, "we are left with more questions than answers." The statement added that "Even in the midst of an unprecedented cyberattack with far-reaching implications for our national security, Administration officials were unwilling to share the full scope of the breach and identities of the victims."
The committees stressed the severity of the hack and called for the administration to give Congress a fuller picture. The statement said that the US government's network defenses "do not match the constantly evolving capabilities of our adversaries," adding that the committees need "the Administration to tell Congress what resources and authorities they need to ensure this does not happen again."
The committees' chairs called on the agencies to deliver an in-person briefing on Capitol Hill as soon as possible.
After leaving the briefing, the House Subcommittee on National Security Chairman Stephen Lynch, told reporters, "this hack was so big in scope that even our cybersecurity experts don't have a real sense yet in terms of the breadth of the inclusion itself." Lynch added that "there are as many as 18,000 individual entities, both private and government, that have been compromised," and that vetting would take time.
A Republican member of the House Oversight and Reform Committee, Rep. Bob Gibbs, told reporters, "I'm not too impressed with the confidence of our cybersecurity people."
House Committee on Oversight and Reform member Rep. Jamie Raskin, a Democrat, said, "There's a lot more that we don't know than what we do know. I'm hopeful the government will learn exactly how this was perpetrated on us and what is the full scope of the damage."
Others shared their disappointment and mounting concern.
House Homeland Security Committee Chairman Bennie Thompson said, "It was telephonic and it just didn't give us what we wanted. They offered to come next week. We said next week? Are you serious? We'll invite them back tomorrow."
House Oversight Committee Chairwoman Carolyn Maloney told reporters, "I am shocked. National security is the number one challenge and responsibility to protect our people. Every agency is compromised...It is serious. It is deep."
The hack took place over the course of months via IT management software SolarWinds, which monitors servers in order to prevent outages. Hackers reportedly entered the system via patch updates made by SolarWinds in March and June. Over the last few weeks, virtually every US agency, including Defense, Treasury, Commerce, State, Energy, and the National Institutes of Health were targeted in the supply chain attack.
President Donald Trump has largely stayed silent in what is being analyzed as one of the most sophisticated hacks targeting the US government in history.