Senate Panel Probes SolarWinds Hack to Learn ‘How Big, How Broad’

WASHINGTON—Senators are expected to probe the origins and fallout of a devastating hack of federal government computer systems Tuesday, when the chief executive officer of the software vendor SolarWinds Corp. testifies about the compromise of his firm by suspected Russian agents in what officials have described as one of the worst U.S. intelligence failures on record.

The hearing before the Senate Intelligence Committee is the first since the so-called SolarWinds hack was discovered in December. Sudhakar Ramakrishna, president and chief executive of SolarWinds, is scheduled to testify about his company’s handling of the breach, along with other technology executives whose companies and products were ensnared in the attack or have helped respond to it.

That hack is one of the most significant yet to be probed by Congress. Previous headline breaches in recent years, such as those at the Office of Personnel Management, Equifax and a spate of retail hacks at stores like Target, prompted hearings but generally haven’t spurred Congress to pass substantive cybersecurity legislation.

Sen. Mark Warner of Virginia, the new Democratic chairman of the committee, has said he would make scrutiny of the SolarWinds episode a priority of his panel. He said he hoped the severity of the attack would reinvigorate debate on legislative and policy proposals, including a reconsideration of a national data breach notification law.

“We get these blips of interest in cyber and then it fades,” Mr. Warner said in an interview earlier this month. The SolarWinds hack raised broader questions about the security of software supply chains on which the government relies, Mr. Warner said. “We are still trying to learn how big, how broad, how much it is going to cost to remediate,” he said.

__Posted on