By Jeff Mason
WASHINGTON (Reuters) – The White House on Sunday called on computer network providers to take more steps to gauge whether their systems were targeted amid a hack of Microsoft Corp’s Outlook email program, it said. That the latest software patches still leave serious vulnerabilities.
“This is an evolving threat and we urge network operators to take it seriously,” said a White House official, adding that top US security officials are working to decide whether to take action. What are the next steps after the violation?
CNN on Sunday separately reported that the Biden administration was setting up an agency to tackle the hack. A White House official said in a statement that the administration was “Responding to all governments”;
While Microsoft released a patch last week to fix a bug in its email software, the fix still opens a so-called back door that can allow access to compromised servers and keep others attacking.
“We cannot emphasize enough that fixes and mitigation are not fixes if servers are compromised, and it is imperative that any organization with vulnerable servers takes measures to verify that they are targeted.” Then or not?
More than 20,000 US organizations have been hacked, sources told Reuters Microsoft has blamed China, although Beijing denies any role.
The back channel for remote access could affect credit unions, city governments and small businesses and make U.S. officials struggle to reach victims, with the FBI on Sunday urging them to contact the unit. Law enforcement work
Affected people appear to be hosting Microsoft’s web version of Outlook email program on their own machines rather than cloud service providers, potentially saving large corporations and federal agencies, notes from the investigation suggested.
A Microsoft representative on Sunday said it was working with the government and other agencies to help guide customers, and the company had urged affected customers to apply the software update as quickly as possible.
Neither the company nor the White House have indicated the size of the hack. Microsoft initially said it was limited, but last week the White House voiced concerns about “Many victims” that could occur.
So far, only a small percentage of the infected networks have been compromised through the back door, sources previously told Reuters. But more attacks are expected.
(Reporting by Jeff Mason; (Additional reporting by Susan Heavey and Sarah N. Lynch in Washington and David French in New York; Editing by Lisa Shumaker)