The computer attack that affected the messaging service provided by the American giant Microsoft, just a few months after the attack of the company Texanne SolarWinds, it is said that thousands of computer systems and computers would be compromised.
Above all, computer networks belonging to the U.S. government, at the top of the private sector.
According to a statement from a U.S. government official, the administration of new President Joe Biden was about to launch a response to his various computer attacks. If the latter, that is to say the official did not wish to be identified, it is confirmed according to several sources that he clearly states that the White House, in collaboration with some private sector companies, is trying to put in place the best possible defenses against cyber malice.
This article will also interest you: Exchange piracy: security experts worried about the presence of a ransomware
If in concrete terms, no link has been established between the recent computer attacks that targeted Microsoft Exchange and that of SolarWinds' Orion software, it does not prevent that, the whole credible hypothesis. With regard to the latest cyberattack, it had been envisaged by the US authorities that the computer attack might have been carried out by the Russian authorities, who were hiding behind cyber criminals. Accusation denied by the latter. This will no doubt explain the rumors about possible retaliation from the Americans.
"You can expect future announcements on this topic in a few weeks, not months," the senior U.S. official said during a meeting with the press on the two computer attacks (SolarWinds and Microsoft Exchange).
U.S. authorities said federal agencies successfully intervened to repair and computer systems of the nine agencies that had been impacted by the Texane company's cyberattack. On the side of the Microsoft Exchange cyberattack, an emergency federal action on one also underway. For, admittedly, cyber criminals have activated several security vulnerabilities that can have damaging consequences.
The senior official said that in order to find solutions to the current problem, "for the first time we have invited private sector companies to participate in major national security meetings about attacks." He says the response "is still evolving." "We really have a short window of time to fix vulnerable servers," "it's a matter of hours, not days," he adds.
As a reminder, it should be said that a new type of ransom program exploits a security flaw that was created during a computer attack on Microsoft Exchange servers. Compared to what the experts say, a massive attack can cause a lot of damage if not anticipated.
"We have detected and are blocking a new family of ransom software used after an initial attack on unupdated local Exchange servers," Redmond's corporate security department said on Twitter.
The software indexed these days on is of Chinese origin. It is called "DearCry." It was reportedly used by a group of hackers known as "Hafnium". A hacker group apparently, which is reportedly supported by the Chinese government in Beijing. Nearly 30,000 organizations made up of U.S. local communities and private companies were reportedly affected by the latest malware.
In the face of the situation, Brent Callow of Emsisoft, a cybersecurity firm, says, "It will be easy to update to prevent future intrusions, but not to make fixes to systems that have been attacked." He added: "It is absolutely essential that governments quickly develop a strategy to help companies secure their Exchange servers and fix loopholes before the already serious situation worsens."
For the time being, the U.S. government's strategy for initiating its counter-attack has not been revealed. No details either on the side of Microsoft or other companies such as FireEyes or SolarWinds, which could be involved in some way to this response.
Now access an unlimited number of passwords: