Pentagon 'assessing systems' after 30,000 US organizations hacked via holes in Microsoft software

The Pentagon is reviewing US military networks for possible damage following a series of newly discovered cyber intrusions that Microsoft said were linked to a Chinese hacking unit.

“We are aware of the Microsoft threat intelligence center’s report. We are currently assessing our networks right now for any evidence of impact,” Pentagon Press Secretary John Kirby said at a press conference on Friday.

“We’re also taking all necessary steps to identify and remedy any possible issues related to the situation,” he added.

Microsoft announced the massive cyberattack on its Exchange email platform earlier this week, noting that several vulnerabilities in its server software had given “long-term access” to hackers.

The tech giant attributed the breach to Hafnium – an allegedly “state-sponsored” cyber espionage unit operating out of China.

For years, US authorities have accused China of conducting widespread cyber operations against American businesses and government agencies. Beijing has denied the allegations.

The announcement marked the latest cyber breach to hit the United States after a suspected Russian hacking campaign was disclosed in December, which involved breaking into a networking-software company called SolarWinds and affecting about 100 companies and nine government agencies.

The latest cyberattack by contrast was much larger in scope, infecting tat least 30,000 organizations across the US -- including a significant number of businesses, towns, cities and local governments.

Security experts familiar with the matter said they were concerned that response teams have already been pushed to their limits handling the earlier cyber intrusion and may not be adequately prepared to respond to the latest incident.

The latest hack has prompted widespread concern within the Joe Biden administration, with several officials sounding the alarmin recent days about its severity.

On Friday, White House Press Secretary Jen Psaki said Microsoft vulnerabilities “could have far-reaching impacts” and result in a “large number of victims.”

“This is an active threat,” Psaki said. “Everyone running these servers -- government, private sector, academia -- needs to act now to patch them.”

Later in the day, the Cybersecurity and Infrastructure Security Agency underscored the risk in unusually plain language, warning in a tweet that the cyberattack, if unchecked, could “enable an attacker to gain control of an entire enterprise network.”

The US government's unusually public response to the intrusion came as a surprise to many security experts, a reflection of both the Biden administration’s concern and the scale of the threat.

“Is this the first time the National Security Advisor has promoted a specific patch?” said John Hultquist, the vice president of FireEye's Mandiant Threat Intelligence arm.

Press TV’s website can also be accessed at the following alternate addresses:

www.presstv.co.uk