The White House warns that an “active threat” persists after an attack on Microsoft’s mail service
The White House has urged computer network operators to take additional steps to determine whether their systems have been hacked after a hack of Microsoft’s Outlook email program was discovered. According to the US Government, the patch software that the company has implemented to neutralize it “continues to leave serious vulnerabilities”. “This is an active threat that continues to develop and we urge network operators to take it very seriously,” said a White House official quoted by Reuters, adding that top US security officials were at work. to decide what action to take after the leak. The White House official, in a statement, said that the administration was giving “a comprehensive response from the Government.”
“At least 30,000 organizations … have been hacked in recent days by an unusually aggressive Chinese cyber espionage unit, which focuses on email theft, according to various sources,” he said. Brian Krebs and your blog KrebsonSecurity. Microsoft had warned on Tuesday that hackers from the so-called Hafnium group were exploiting security breaches in Exchange messaging services to steal business user data.
Microsoft released a patch last week to shore up the flaws in Outlook email. The remedy, however, says the Government, continues to leave the call open back door which can allow access to compromised servers and the perpetuation of new attacks by others. “We cannot stress enough that patching and mitigation are not a solution if servers have already been compromised, and it is essential that any organization with a vulnerable server take action to determine whether they have already been attacked,” said the official from the White House.
Those affected appear to host the web versions of Microsoft’s email program on their own machines rather than on cloud providers, possibly preventing many large companies and federal government agencies from being affected, the records of the Microsoft Office suggest. research. A Microsoft representative said Sunday that the corporation works with the White House and various companies to help guide customers and urged affected customers to apply the updates from Microsoft. software as soon as possible. Microsoft initially said that the impact of the attack had been “limited.” The White House, however, expressed concern last week about the possibility of having produced “a large number of victims.”