SolarWinds Hack Explained as U.S. Senators Request Details From FBI on Cyberattack

A bipartisan group of U.S. senators has requested a government-wide report into the "highly sophisticated" cyberattack on SolarWinds from the FBI and the Cybersecurity and Infrastructure Security Agency (CISA).

The supply chain hack is believed to have compromised 18,000 of SolarWinds' clients, which include federal government agencies such as the Homeland Security, Treasury and Commerce departments and the National Institutes of Health.

The business software company, based in Austin, also lists the White House, Pentagon, State Department, National Security Agency and all branches of the U.S. military among its customer base. Key details about the breach have not yet been made public, including how deeply it affected the U.S. military or the White House.

The leaders of the U.S. Senate committee on commerce, science and transportation and the appropriations subcommittee on commerce, justice, science and related agencies have written to the FBI director Christopher Wray and the CISA acting director Brandon Wales, requesting specific information on the hack, its victims and its possible implications.

"We have oversight responsibilities to ensure that federal agencies within the committees' respected jurisdictions uphold information security requirements established through the Federal Information Security Modernization Act and other relevant statutes," the letter reads.

"Under the Federal Information Security Modernization Act, the head of each federal agency is responsible for the security of its networks.

"The activities of the Department of Commerce, and one of its components that was impacted, the National Telecommunications and Information Administration, play a crucial role in the daily lives of all Americans, and compromising its efforts is of grave concern."

The information requested by the senators includes a list of every federal agency that has reported unauthorized access by a third party through the compromised SolarWinds product.

It also includes the types and quantities of data that were susceptible to unauthorized access, and a list of confirmed cases of unauthorized access, retention, copying, using, transmitting, or processing of data.

"We understand the investigations into this incident are preliminary and ongoing and so we expect that information will be shared as new details are learned," the letter adds.

Central to the attack, which was revealed this week, was Orion, an IT monitoring software product that is believed to have been hijacked in March and may have allowed the people behind the hack to monitor the internal communications of SolarWinds' customers for more than eight months.

Unnamed sources have told Reuters that they believe Russian hackers are behind the attack. Russia has denied any involvement.

"I reject these statements, these accusations, once again," said Dmitry Peskov, a spokesperson for President Vladimir Putin, told Russia's Tass news agency.

"Even if it is true there have been some attacks over many months and the Americans managed to do nothing about them, possibly it is wrong to groundlessly blame Russians right away. We have nothing to do with this."

Fingers typing on a computer keyboard
A stock image shows a person typing on a computer keyboard. U.S. senators have requested a report into a cyberattack that could have compromised the security of several federal agencies, as well as the U.S. military and White House. iStock