April 15, 2021

Manchin Chairs Cybersecurity Subcommittee Hearing On SolarWinds, Microsoft Exchange Hacks

Video of Senator Manchin’s opening statements during the Senate Armed Services Cybersecurity Subcommittee hearing can be found here

Washington, DC – U.S. Senator Joe Manchin (D-WV), Chairman of the Senate Armed Services Subcommittee on Cybersecurity, led the subcommittee hearing on the cybersecurity protocols and strategies at the Department of Defense (DoD). After two recent, large scale hacks of SolarWinds and the Microsoft Exchange Server, Senator Manchin questioned a panel of witnesses on the importance of a ‘zero trust’ cybersecurity approach, or an approach that focuses on identification and authorization throughout a network.

Senator Manchin said in part, “This hearing is on what the Defense Department needs to do to improve its defenses against modern and very sophisticated cyberattacks like the SolarWinds campaign, waged by Russia, and the Microsoft Exchange Email Server Operation, waged by China. These hacking operations subverted tens of thousands of critical government and industry networks, and undermined trust in the information infrastructure that supports our economy, our government and our private lives. We’re holding this hearing today in an open session because it is vitally important for the American people to learn how the federal government is going to respond and to better protect the nation.”

This hearing preceded a series of new sanctions imposed by the Biden Administration on the Russian government for a series of cyberhacking operations, including the SolarWinds breach. Those sanctions target the Russian government directly, a number of Russian companies that supported the operations, and Russian officials working under diplomatic cover in the United States.

Senator Manchin continued, “For many years, our efforts to shore up cyber defenses focused on making it hard for adversaries to break into our networks. We built the digital equivalent of higher castle walls and moats. These are important and necessary but it has proven so far to be impossible to keep intruders out, for there are always many other ways to get in inside… We have to act on the possibilities that every action and transaction on our networks is being conducted by an adversary. We have to constantly challenge and verify the identities and the credentials of all the users. For short-hand, these basic network design concepts and operational imperatives are called zero trust. I’m asking our witnesses and committee to explain to the committee and the American people what zero trust means in plain English, without acronyms or jargon. We need to know what the essential building blocks of a zero trust network looks like, and where we are in terms of defining and acquiring these building blocks.”

In February, Senator Manchin was named Chairman of the Cybersecurity Subcommittee after previously serving as the Ranking Member of the subcommittee. The Subcommittee on Cybersecurity oversees policies and programs related to military cyber forces, operations, and capabilities.

A video of Senator Manchin’s opening statements during the Senate Armed Services Subcommittee on Cybersecurity can be found here.

A video of Senator Manchin questioning the witnesses during the Senate Armed Services Subcommittee on Cybersecurity can be found here.