- White House urges businesses to patch Microsoft Exchange systems after the servers were targeted in a massive cyberattack
- Attack was indiscriminate and largely affected small and medium-sized businesses
- Microsoft has released information on identifying and repairing Exchange vulnerabilities
Summary by Dirk Langeveld
A senior White House official is urging businesses to patch their Microsoft Exchange servers after the e-mail and calendar service was targeted by a massive cyberattack recently.
On a background press call, the official warned that the window for affected businesses to address a breach could be limited to “hours, not days.” The official also said the Biden administration is looking to strengthen public-private partnerships on cybersecurity, enabling the federal government to quickly share information on threats and “address the liability barriers and disincentives that disincentivize U.S. companies from both addressing some of these issues and rapidly sharing information when there are incidents.”
Hackers began attacking the servers in January, but ramped up their efforts in February with an automated wave of attacks that indiscriminately sought vulnerable servers and targeted hundreds of thousands worldwide. The breaches have primarily affected small and medium-sized businesses, which often have more lax cybersecurity or are less aware that they may have been compromised.
Cybersecurity experts have said hackers may not actively exploit many of the breaches. However, hackers who access a Microsoft Exchange server can monitor e-mails, install software, and potentially take actions such as stealing data or installing ransomware.
Microsoft has blamed the attack on the Chinese-backed group Hafnium, which has traditionally targeted groups such as infectious disease researchers, defense contractors, higher education, NGOs, and policy think tanks. The company also released information on how to identify a potential breach and patch vulnerabilities.