White House spokesman Jen PsakiJen PsakiOn the Money: Senate votes to pass COVID-19 relief bill | Shares sink after Powell fails to calm nervous traders Job report in February to provide first measure for Biden’s economy Biden abolishes second military target in Syria minutes before strike: White House report says Shalanda Young could serve as acting OMB director MORE said on Friday that the Biden administration was closely monitoring the violation of a Microsoft e-mail application reported by Chinese hackers, calling on it “Active threat”
“This is a significant vulnerability that could have far-reaching consequences. “First of all, this is an active threat,” Psaki told reporters during a daily press briefing.
She pointed to a tweeting by a national security adviser Jake SullivanJake SullivanFireEye finds evidence that Chinese hackers have exploited the lack of Microsoft email applications since January A Biden stumble in China? Iran, hostages and déjà vu – Biden needs to do better MORE on Thursday night, called on network administrators to fix their systems against a previously unknown vulnerability in Microsoft’s Exchange Server email application.
Microsoft said earlier this week that the flaw had been exploited by a Chinese government hacking group targeting various organizations.
The cybersecurity group FireEye said in blog post late Thursday night that the hackers had been in at least one client system since January and that they had gone after “US-based retailers, local governments, a university and an engineering firm,” along with the Southeast Asian government and the Central Asian Telecommunications Group.
There are probably other international victims, such as the National Cyber and Information Security Service of the Czech Republic issuing statement Friday said it was helping affected organizations.
While Psaki declined to comment on whether a federal agency had been compromised, she called on network operators to “consider whether they have already been compromised” and, if so, to “take appropriate steps.”
“Everyone who runs these servers – government, the private sector, academia – must act now to patch them up,” Psaki said. “We are concerned that there are a large number of victims and we are working with our partners to understand the scope of this. So this is an ongoing process. “
“We are still looking closely at what happened and the next steps that need to be taken,” Psaki added.
Although there is no confirmation of compromised federal agencies, the Agency for Cybersecurity and Infrastructure Security (CISA) issued an urgent directive earlier this week, ordering all agencies to immediately investigate whether they have been breached and, if so, either implement a correction or discontinue the connection to the Exchange Server.
CISA stated that the violation “poses an unacceptable risk to the agencies of the Federal Civil Enforcement Branch. “
Microsoft claimed earlier this week that a Chinese hacker group known as Hafnium was responsible for exploiting the vulnerabilities. Microsoft noted that the group had previously tried to steal information from infectious disease researchers, law firms, universities, defense executors, political think tanks and NGOs.
The news comes as the federal government continues to investigate the hacking of SolarWinds. The incident, which US intelligence said in January was likely perpetrated by advanced Russian hackers, potentially compromised up to 18,000 SolarWinds customers.
As of last month, at least nine federal agencies and 100 private sector groups, including FireEye and Microsoft, have been confirmed to have been compromised in a year-long hacking of SolarWinds that was one of the largest cyber spy events in US history. .
The Biden administration is considering how to respond to the SolarWinds breach, which was one of several problems President BidenJoe Biden, appointed by the State Department arrested in connection with the Capitol riots in FireEye, finds evidence that Chinese hackers have used the lack of Microsoft’s email application since January to travel to the border amid an influx of young migrantsMORE discussed during his first conversation in the office with the Russian president Vladimir PutinVladimir Vladimirovich Putin How to think about Russia Do Biden Putin’s “severe new sanctions” give Nord Stream 2? Russia vows revenge for new US sanctions: “We do not intend to tolerate this” MORE.
The Washington Post reports last month that the administration would impose sanctions on Russia for the violation. Psaki said on February 23 that a response from the administration would come in “Weeks, not months.”