The White House has warned that hackers may have compromised a “large number of victims” in the United States by exploiting recently revealed vulnerabilities in Microsoft software.
White House press secretary Jen Psaki said on Friday that there was currently an “active threat” from hackers exploiting four flaws in Microsoft’s Exchange messaging app, which the tech group revealed. earlier this week. The company blamed a group of Chinese state-backed hackers for the attacks.
“This is a significant vulnerability that could have far-reaching impacts,” Psaki said. “We are concerned that there are a large number of casualties and are working with our partners to understand the scope.”
Brian Krebs, a cybersecurity researcher, said in a blog post on Friday that at least 30,000 organizations “including a significant number of small businesses, cities and local communities” had been hacked in recent days after Microsoft’s disclosure, citing several sources informed on the matter.
Microsoft released a blog post in which he said that a group of hackers had launched “limited and targeted attacks” to gain access to the emails. He also said that the hackers tried to penetrate deeper into the computer systems of the victims in order to hide there unnoticed for a long time.
Microsoft attributed the campaign to a group of Chinese state-sponsored hackers called Hafnium. China on Wednesday denied any responsibility, according to a Reuters report. The White House did not tie the campaign to any particular country.
It is not known who was the victim of the attacks. Microsoft said Hafnium tended to target “infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs” in the past.
Late Thursday, national security adviser Jake Sullivan said in a tweet that the White House was “following.” . . reports of potential compromise from US think tanks and defense industry base entities ”.
He and Psaki urged the government, private sector companies and academic institutions to patch their systems after Microsoft released patches for the vulnerabilities.
The concerns follow revelations in December that a massive cyberespionage campaign, possibly backed by Russia, has targeted U.S. government agencies and businesses that have gone unnoticed for at least a year.
The authorities are still struggling to understand the extent of the fallout from the SolarWinds hacking, which prompted President Joe Biden to prioritize US cybersecurity. The Biden administration is preparing now punishments and other executive orders in response to the hack.
James Lewis, a cyber expert at the Center for Strategic and International Studies, said it appeared Microsoft and the US government discovered the Chinese attack as they “searched for SolarWinds.”
“This is the downside of a big hack by someone else because it increases the chances of you being discovered,” Lewis said. “The Chinese should send a bill to the Russians.”