Bipartisan lawmakers push Biden’s Cabinet for answers on fallout from SolarWinds hack

A bipartisan coalition of 14 House Energy and Commerce Committee lawmakers wrote to senior Biden administration officials and Cabinet officers on Wednesday seeking answers about the fallout from the SolarWinds hack of computer network management software. 

Rep. Frank Pallone, New Jersey Democrat, and Rep. Cathy McMorris Rodgers, Washington Republican, led the coalition in demanding federal agency heads answer basic questions such as “Has your department been impacted by the compromise?” 

News of the hack became public late last year, and the federal government has since said the likely Russian intrusion compromised nine federal agencies, but the full extent of the hacking campaign remains under review. 

The seven Democrats and seven Republicans pushed the leadership of the Departments of Commerce, Energy, and Health and Human Services, as well as Environmental Protection Agency administrator Michael Regan for answers about whether their agencies were affected.

“While your department has provided committee staff initial reports, we now request more details about your understanding of this intrusion and actions your department has taken in response,” the lawmakers wrote to the agency heads.

The lawmakers noted that the Cyber Unified Coordination Group, which is responsible for administering the federal government’s response to the SolarWinds hack, has identified the hack as a continuing counterintelligence collection effort, which prompted the lawmakers’ urgent letters. The lawmakers want answers from the Biden administration before March ends. 

The outgoing Trump administration developed the Cyber Unified Coordination Group for the SolarWinds hack late last year, and it included the FBI, National Security Agency, Office of the Director of National Intelligence and the Cybersecurity and Infrastructure Security Agency (CISA). 

Following Microsoft’s disclosure of an additional hack by China-backed cyberattackers aiming at Microsoft clients, a senior Biden administration official told reporters last week that those agencies had enlisted private sector companies to assist their response. CISA told the House Appropriations Committee last week that “no federal civilian agencies” were confirmed to have been compromised by the campaign disclosed by Microsoft.