Senators press for more on SolarWinds hack after AP report

Full Screen
1 / 3

Copyright 2020 The Associated Press. All rights reserved.

FILE - In this July 21, 2020 file photo, Department of Homeland Security Acting Secretary Chad Wolf, speaks during a news conference in Washington. In December, U.S. officials discovered that federal agencies had fallen victim to a cyberespionage effort pulled off largely through a hack of SolarWinds software .The hackers accessed accounts belonging to then-acting Secretary Chad Wolf and staff at the Cybersecurity and Infrastructure Security Agency who focus on finding cyber threats from nation-state adversaries like Russia, according to current and former senior Homeland Security Department and intelligence officials who were briefed on the extent of the breach. (AP Photo/Manuel Balce Ceneta, File)

Key lawmakers said Tuesday they're concerned they've been kept in the dark about what suspected Russian hackers stole from the federal government and they pressed Biden administration officials for more details about the scope of what's known as the SolarWinds hack.

In letters to top officials, Sens. Gary Peters and Rob Portman said recent reporting by The Associated Press "raised the troubling possibility that some federal agencies did not fully report” the extent of the breach to Congress.

“Time and again this committee has discussed the challenges of defending against sophisticated, well-resourced, and patient cyber adversaries. Nevertheless, the fact remains that despite significant investments in cyber defenses, the federal government did not initially detect this cyberattack," the senators wrote. Peters, a Democrat from Michigan, chairs the Senate Homeland Security and Governmental Affairs Committee. Portman, of Ohio, is the top Republican.

The AP reported last month that suspected Russian hackers gained access to email accounts belonging to the Trump administration's acting homeland security secretary, Chad Wolf, and members of his department’s cybersecurity staff whose jobs included hunting threats from foreign countries.

It’s been nearly four months since officials discovered what they describe as a sprawling, monthslong cyberespionage effort done largely through a hack of a widely used software from Texas-based SolarWinds Inc. At least nine federal agencies, including the Department of Homeland Security, were hacked, along with dozens of private-sector companies.

The senators sent their letters to Brandon Wales, the acting director of the Cybersecurity and Infrastructure Security Agency at DHS, and Christopher DeRusha, chief information security officer at the Office of Management and Budget.

The senators are asking for several documents related to the hack, including those that show which individual accounts were targeted or compromised.

Scott McConnell, a spokesman for the cybersecurity agency, said it “does not comment on congressional correspondence.” OMB did not immediately return a request for comment.