(Washington) A senior US official said on Friday that the Biden administration will prepare to make a decision on responding to the latest cyberattacks, with concern growing about the consequences of the latest attack.
The senior official, who requested anonymity, said the White House was working closely with the private sector to quickly build better cyber defenses in the wake of the attack on Microsoft Exchange mail servers.
SolarWinds
The attack came months after the attack on the SolarWinds security program, which has likely damaged thousands of government and private computer networks.
US officials had previously hinted that action could be taken against Russia, as Moscow has been linked to the attack on SolarWinds.
Recent statements from the senior official indicate that a response is imminent.
“You can expect more announcements about this in a few weeks, not a few months,” the senior US official said in an interview with the press about the two cyber attacks.
He added that federal agencies were making progress in fixing systems in the nine agencies affected by the attack on SolarWinds.
But an emergency process is underway to fix the attack on Microsoft Exchange, which has opened security holes and is actively exploited by cybercriminals and others.
To find solutions, “for the first time we have invited private sector companies to participate” in major national security meetings about the attacks, the senior official also stressed, who said the response “is still underway. To evolve.”
According to him, “We really have a short period of time to fix weak servers,” “it’s a matter of hours, not days.”
For Microsoft, a new type of ransomware takes advantage of the security flaw caused by the attack on the US computer giant’s Exchange servers. And according to cybersecurity experts, the massive attack can cause significant damage.
“We have detected and are blocking a new family of ransomware used after an initial attack on local Exchange servers that has not been updated,” Microsoft’s security department said on Twitter Thursday evening.
Chinese pirates
The program, dubbed “DearCry”, was exposed after the attack attributed to “Hafnium”, a group of Chinese hackers backed by Beijing, according to experts. It is believed to have affected at least 30,000 organizations, including companies, cities and communities in the United States.
Other professionals, including ID Ransomware founder Michael Gillespie, on Thursday discovered the program that encrypts computer systems and asks for a ransom to unlock them.
“It will be easy to perform updates to prevent future intrusions, but not to correct the systems that have been attacked,” said Brent Callow of computer security firm Emsysoft.
“It is absolutely imperative that governments quickly put in place a strategy to help companies secure their Exchange servers and fix vulnerabilities before the already deteriorating situation gets worse,” he added.
This week, the FBI and the Department of Homeland Security (DHS) have already warned of the weakness of the Exchange. According to a joint statement, it could be used to “hack networks, steal information, encrypt data to demand ransom, or even carry out devastating attacks.”
The Department of Homeland Security’s Cybersecurity Division has called for the creation of a single patch for government and the private sector, as experts want robust measures from the Biden administration, such as the hacking, in return.
