(Adds details from SolarWinds executive)
By Raphael Satter
WASHINGTON, Feb 23 (Reuters) – Top executives at Texas-basedsoftware company SolarWinds Corp, digital giantMicrosoft Corp and cybersecurity firms FireEye Incand CrowdStrike Holdings Inc are expected todefend their companies’ responses to a series of breaches blamedon Russian hackers when they face the U.S. Senate’s SelectCommittee on Intelligence on Tuesday.
The four are expected to argue for more – or even mandatory- transparency in the national response against cyberespionage,which has long been hobbled by secrecy and a widespreadreluctance by organizations to identify publicly as victims ofhacking.
The four companies are key players in the response against aspectacular set of intrusions that have allowed alleged Russianspies to run amok across American networks, compromising a totalof nine federal agencies and 100 private-sector companies inwhat Microsoft’s president, Brad Smith, described as the”largest and most sophisticated attack the world has ever seen.”
Smith was among those set to testify on Tuesday. The otherswere FireEye Chief Executive Kevin Mandia, whose company was thefirst to discover the hackers, SolarWinds Chief ExecutiveSudhakar Ramakrishna, whose company’s software was hijacked bythe spies to break in to a host of other organizations, andCrowdStrike Chief Executive George Kurtz, whose company ishelping SolarWinds recover from the breach.
They and others have hinted that the true scope of thebreaches is far wider than is publicly known, in part becauseembarrassed executives at other companies are trying to keeptheir role in the cyberespionage campaign a secret.
According to an excerpt of his testimony released inadvance, Microsoft’s Smith is expected to say that “too manycyberattack victims keep information to themselves,” adding,”It’s imperative for the nation that we encourage and sometimeseven require better information-sharing about cyberattacks.”
SolarWinds’ Ramakrishna is expected to call for lawmakers toprovide companies “with the appropriate incentives and liabilityprotections to share more information on attempted or successfulbreaches” with the government, according to prepared remarks.(Reporting by Raphael Satter in WashingtonEditing by Howard Goller and Matthew Lewis)