Biden admin to form task force to deal with Microsoft hack linked to China
Updated: Mar 07, 2021 11:11 IST
Washington [US], March 7 (ANI): A US official said that President Joe Biden‘s administration is expected to put together a task force to deal with major cyber intrusions that Microsoft said this week were linked to China as relations between the two — Washington and Beijing — continues to spiral downwards.
CNN, citing the US official, reported that there are an estimated 30,000 affected customers in the US and 250,000 globally, though those numbers are expected to increase. However, the White House declined to comment on the number of victims affected.
“We are undertaking a whole of government response to assess and address the impact. The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive to agencies and we’re now working with our partners and looking closely at the next steps we need to take. This is an active threat still developing and we urge network operators to take it very seriously,” a White House official said.
The US official said that the task force or, “Unified Coordination Group” (UCG), is a multi-agency effort initiated by the National Security Council, that includes FBI, Cybersecurity and Infrastructure Security Agency (CISA) and others.
The National Security Agency also has a role in the response, though it’s not clear if its involvement is codified as part of the UCG directive, according to another source familiar with the situation.
“This has the potential to simultaneously affect organizations that are critical to everyday life in the US,” a source familiar with the investigation into the attack told CNN, noting that state and local government agencies were among those affected.
The Hill reported that Cybersecurity group FireEye on Thursday night announced it had found evidence that hackers had exploited a flaw in a popular Microsoft email application since as early as January to target groups across a variety of sectors.
FireEye analysts wrote in a blog post that the company had observed the hackers — who Microsoft announced earlier this week were a Chinese state-sponsored hacking group known as “Hafnium” — exploiting vulnerabilities in Microsoft‘s Exchange Server email program to target at least one FireEye client beginning in January.
The news outlet further reported that Microsoft said the Chinese hacking group was actively exploiting previously unknown security flaws in Exchange Server to go after groups running the program.
The company noted that Hafnium had previously been known to steal information from organizations including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks and non-governmental organizations.
In February, the National Counterintelligence and Security Center (NCSC) warned that the efforts made by the Chinese Communist Party to obtain US health…