Portman, Peters Request Information on Federal Government’s Response to SolarWinds Orion and Microsoft Exchange Cyberattacks

WASHINGTON, DC – Today, U.S. Senators Rob Portman (R-OH) and Gary Peters (D-MI), Ranking Member and Chairman of the Senate Homeland Security and Governmental Affairs Committee, sent letters to Brandon Wales, Acting Director of the Cybersecurity & Infrastructure Security Agency at the Department of Homeland Security, and Christopher DeRusha, Federal Chief Information Security Officer at the Office of Management & Budget, requesting information on the recent compromises of SolarWinds Orion and Microsoft Exchange. 

“As our hearing highlighted, there is no easy solution to advanced persistent cyber threats,” the senators wrote. “Time and again this Committee has discussed the challenges of defending against sophisticated, well-resourced, and patient cyber adversaries.   Nevertheless, the fact remains that despite significant investments in cyber defenses, the federal government did not initially detect this cyberattack.” 

The senators continued: Mitigating vulnerabilities and reducing legacy information technology that serve as open doors to malicious hackers is also important.  So will be deterrence efforts that create real-world consequences for cyberattacks against the United States—investigation, attribution, prosecution, and sanctions.  At the national level, our cybersecurity strategy will require careful consideration of the appropriate role of the federal government, companies, and citizens in cyber defense, especially when it comes to nation-state actors with near unlimited resources and time.” 

Portman and Peters’ letters are available via the following links: 

The Department of Homeland Security

The Office of Management & Budget