U.S. intelligence and national security agencies will join a task force to look into a major software breach of the Microsoft Exchange program by suspected China-based hackers that affected around 250,000 customers globally and around 30,000 in America,
'Multi-Agency Effort' in Tackling Microsoft Hack
The technology and software sector was rocked by news that Microsoft Exchange's email software was breached and that thousands of American organizations may be affected.
A White House official said that the Biden administration is expected to come up with a "multi-agency" task force that includes the Cybersecurity Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the National Security Council (NSC) and other agencies.
The said task force, dubbed the Unified Coordination Group (UCG), will investigate major breaches of software programs that Microsoft said in a statement this week were linked to China.
The official said that the hack on Microsoft Exchange is "an active threat still developing." The U.S. official also urged network operators around the world and in the United States to "take it very seriously."
Other White House officials last week warned network operators and organizations of potential further cyber threats on software with weak security protection systems.
Patch Bugs and Holes ASAP
On Friday, White House press secretary Jen Psaki urged "everyone" whose systems run on Microsoft servers to "act now" in patching bugs or holes that hackers could infiltrate.
Earlier in the week, national security adviser Jake Sullivan said the Biden administration is very concerned about the breach and has been monitoring reports that agencies under the think tank sector may have been compromised by the Microsoft hack.
The NSC also called on all organizations "with a vulnerable server" to immediately check on their systems to determine if their servers were also affected by the major breach.
What the 'Tech' is Going On?
Last week, tech sites reported that thousands of commercial and government organizations had their email servers hacked.
Microsoft acknowledged that vulnerabilities in the Exchange system allowed hackers to access email accounts. The bigger problem is that the hackers installed malware that could allow them access to the breached servers in the future.
While Microsoft has already patched the bugs, experts on cyber security said that cleaning up the mess will take some time.
Cyber security firm Volexity first discovered the Microsoft Exchange attack. Company president Steven Adair told technology website KrebsOnSecurity that servers running on Exchange that haven't patched the holes could have been "already compromised."
WIRED also reported that Chinese hacking group Hafnium conducted the cyberattack on Microsoft Exchange. Microsoft has also blamed the same group for carrying out the hack.
Volexity said it first detected Microsoft Exchange hacks on Jan. 6, the same day that the U.S. Capitol Hill was mobbed by Trump supporters and an attack that resulted in the deaths of five people.
