United States Senate Committee on Homeland Security and Governmental Affairs, Rob Portman, Ranking Member. Gary Peters, Chairman. Federal Cybersecurity: America’s Data Still at Risk. August 2021: “..The current state of cyber espionage. In the past two years, state-sponsored hackers have perpetrated some of the largest and most damaging cyber-attacks in our history. In December 2020, we learned that the Russian Foreign Intelligence Service used a sophisticated supply chain vulnerability to corrupt a security patch for SolarWinds network management software. This allowed hackers to infiltrate nine Federal agencies, including DHS, State, Energy, and Treasury. Russia’s cyber-spies remained undetected in those Federal agencies’ systems for at least nine months. The Federal Government only became aware of the attack after it was discovered by a private cybersecurity firm, FireEye, which was also breached. The Federal Government is still working to understand exactly what information and data Russia accessed during those nine months. In April 2021, we learned Chinese hackers breached multiple Federal agencies through a vulnerability in a widely used remote access product called Pulse Connect Secure. A Chinese state-sponsored hacking group exploited vulnerabilities in Pulse Connect Secure products allowing hackers to bypass passwords and multifactor authentication to access agencies’ data. These were just two of the most damaging attacks. Indeed, for 2020, the White House reported 30,819 information security incidents across the Federal Government—an 8 percent increase from the prior year…It is clear that the data entrusted to these eight key agencies remains at risk. As hackers, both state-sponsored and otherwise, become increasingly sophisticated and persistent, Congress and the executive branch cannot continue to allow PII and national security secrets to remain vulnerable…”