White House calls Microsoft email breach an ‘active threat’


White House Press Secretary Jen psakiJen PsakiOn The Money: Senate Votes to Accept COVID-19 Relief Bill | Stocks Plunge After Powell Fails To Appease Nervous Traders | February jobs report to provide first measure of Biden’s economy Biden canceled second military target in Syria minutes before attack: White House report says Shalanda Young could serve as interim director of OMB MORE said Friday that the Biden administration is closely following the breach of a Microsoft email app, allegedly carried out by Chinese hackers, calling it an “active threat” with a “large number of victims”.

“This is a significant vulnerability that could have far-reaching impacts. First of all, it is an active threat, ”Psaki told reporters during the daily press conference.

She pointed to a cheep from the national security advisor Jake sullivanJake Sullivan FireEye Finds Evidence Chinese Hackers Exploited Microsoft’s Email App Flaw Since January A Biden Stumble In China? Iran, hostages and déjà vu: Biden needs to do better MORE Thursday night urging network administrators to patch their systems against a previously unknown vulnerability in Microsoft’s Exchange Server email application.

Microsoft said earlier this week that the flaw was being used by a Chinese state-sponsored group of hackers to target a variety of organizations.

Cybersecurity group FireEye said in blog post Thursday night that the hackers had been on at least one customer’s system since January, and that they had gone after “US Retailers, Local Governments, a University, and an Engineering Company,” along with a Southeast Asian government and a Central Asian telecommunications group.

Other international victims are likely, with the Czech Republic’s National Office for Cyber ​​and Information Security issuing a statement On Friday saying that he is helping the affected organizations.

While Psaki declined to comment on Friday if any federal agencies were compromised, it urged network operators to “consider whether they have already compromised” and, if so, “take appropriate action.

“Everyone who runs these servers – government, private sector, academia – must act now to patch them,” Psaki said. “We are concerned that there are a large number of victims and we are working with our partners to understand the extent of this. So it’s an ongoing process. “

“We are still looking closely at what happened and the next steps that need to be taken,” added Psaki.

While there has been no confirmation of any federal agencies involved, the Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive earlier this week ordering all agencies to immediately investigate whether they have been breached and, if so, they implement a patch. or disconnect from Exchange Server.

CISA said the infringement “poses an unacceptable risk for the agencies of the Federal Civil Executive Power. “

Microsoft claimed earlier this week that the Chinese hacking group known as “Hafnium” was responsible for exploiting the vulnerabilities. Microsoft noted that the group had previously tried to steal information from infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks and non-governmental organizations.

The news comes as the federal government continues its investigation of the SolarWinds hack. That incident, which US intelligence officials said in January was likely carried out by sophisticated Russian hackers, potentially compromised up to 18,000 customers of IT group SolarWinds.

As of last month, it was confirmed that at least nine federal agencies and 100 private sector groups, including FireEye and Microsoft, were involved in the SolarWinds hack, which lasted for a year and was one of the largest cyber espionage events in the world. US history.

The Biden administration is weighing how to respond to the SolarWinds breach, which was one of several issues. President BidenTrump State Department Designee Joe Biden Arrested in Connection with Capitol Riots FireEye Finds Evidence Chinese Hackers Exploited Microsoft’s Email App Flaw Since January, Biden Officials To Travel To The border amidst influx of young migrants MORE discussed during his first conversation in office with the Russian president Vladimir PutinVladimir Vladimirovich Putin How to think about Russia Do Biden’s ‘tough new sanctions’ give Putin Nord Stream 2? Russia vows retaliation for new US sanctions: ‘We don’t intend to put up with this’ MORE.

The Washington Post reported last month that the administration would impose sanctions on Russia for non-compliance. Psaki said on February 23 that a response will come from the administration. “Weeks, not months.”

.

Source link