Senators ask federal officials to designate leader in ‘disorganized’ SolarWinds response

Senate Intelligence Committee Chairman Mark Warner (D-Va.) and Vice Chairman Marco Rubio (R-Fla.) on Tuesday criticized the “disorganized” federal response to the recently uncovered Russian hack of IT group SolarWinds, calling for agencies to designate a leader. 

The senators expressed these concerns in a letter sent to Director of National Intelligence Avril Haines and the leaders of the FBI, the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA). 

“We are writing to urge you to name and empower a clear leader in the United States’ response to the SolarWinds cyber breach that has affected numerous federal agencies, and thousands of other private sector entities,” Warner and Rubio wrote. 

“The federal government’s response so far has lacked the leadership and coordination warranted by a significant cyber event, and we have little confidence that we are on the shortest path to recovery,” they emphasized.

The letter was sent as the federal government continues to grapple with the fallout from the SolarWinds hack, which was likely ongoing since 2019. 

The IT company counts many federal agencies and the majority of U.S. Fortune 500 companies as customers, with agencies including the Commerce, Defense, Energy, Homeland Security and Treasury departments compromised as part of a hack that intelligence leaders have said was “likely” Russian in origin. 

After the discovery of the hack in December, the four agencies contacted by Warner and Rubio formed a cyber unified coordination group to investigate the incident, and, in addition, President Biden ordered the intelligence community to compile an assessment of the extent of the hack. 

Despite these steps, Warner and Rubio on Tuesday wrote that classified briefings they have received around the SolarWinds hack had illustrated a “disjointed and disorganized response to confronting the breach.”

“The threat our country still faces from this incident needs clear leadership to develop and guide a unified strategy for recovery, in particular a leader who has the authority to coordinate the response, set priorities, and direct resources to where they are needed,” the senators wrote. 

“We urge you to reach such an agreement and assign a clear leader to ensure we confront and mitigate this incident fully, and as quickly as possible,” they added. 

The SolarWinds incident has brought the spotlight back to cybersecurity in both the House and Senate over the past two months, and the Senate Intelligence Committee is not alone in looking into the hack. 

The leaders of the Senate Homeland Security and Governmental Affairs Committee vowed in December to hold hearings and introduce legislation around the breach, while the House Homeland Security and House Oversight and Reform panels announced a joint investigation into the incident the same month. 

The House Homeland Security Committee is due to hold a hearing focused on cybersecurity concerns on Wednesday, which will likely focus on concerns around the SolarWinds incident.