“This is an active threat,” White House press secretary Jen Psaki said on Friday.

“Everyone running these servers – government, private sector, academia – needs to act now to patch them.”

Ms Psaki’s warnings followed a tweet by national security adviser Jake Sullivan on Thursday evening that underscored how concerned the Biden Administration is.
The Microsoft Visitor Center in Redmond, Washington.
The US Government has warned about cyber attacks against Microsoft email services reportedly linked to China. (AP)

He urged IT administrators nationwide to install software fixes immediately. Mr Sullivan said the US government is monitoring reports that US think tanks may have been compromised by the attack, as well as “defence industrial base entities”.

Later on Friday, the Cybersecurity and Infrastructure Security Agency underscored the risk in unusually plain language, stating in a tweet that the malicious activity, if left unchecked, could “enable an attacker to gain control of an entire enterprise network”.

In a rare step, White House officials have urged private sector organisations running localised installations of Microsoft Exchange server software to install several critical updates that were released in what information security experts described as an emergency patch release.

The cybersecurity firm FireEye said Thursday it had already identified a number of specific victims, including “US-based retailers, local governments, a university, and an engineering firm.”

Pentagon spokesman John Kirby said the US Defence Department is working to establish if it was targeted by hackers. (AP)

Pentagon press secretary John Kirby told reporters Friday the US Defence Department is currently working to determine if it has been negatively affected by the vulnerability.

“We’re aware of it, and we’re assessing it,” Mr Kirby said. “And that’s really as far as I’m able to go right now.”

Microsoft disclosed this week that it had become aware of several vulnerabilities in its server software being exploited by suspected Chinese hackers.

In the past, Microsoft said, the hacker group responsible – which Microsoft is calling Hafnium – has gone after “infectious disease researchers, law firms, higher education institutions, defence contractors, policy think tanks, and NGOs.”

The group in question had not been previously identified to the public, according to Microsoft.

This content first appear on 9news

Leave a Reply

Your email address will not be published. Required fields are marked *