The White House is considering forming a task force to address a cyber attack on on-premise Microsoft Exchange Servers launched by a group of threat actors operating from China, CNN reported Sunday.
Microsoft (Nasdaq: MSFT) issued security updates after it found that a state-sponsored threat actor from China, called Hafnium, was targeting defense contractors, law firms, policy think tanks, infectious disease researchers and other entities to steal data by compromising the servers.
CNN cited a U.S. official who estimates there are approximately 30,000 affected clients in the U.S. and 250,000 victims abroad.
A White House official said the Biden administration is taking a “whole of government response” to address the impact of the cyberattack and that the Cybersecurity and Infrastructure Security Agency released an emergency directive in response to the matter. The directive requires agencies to update their on-premises servers with security patches or disconnect the products.
The Washington Post reported Saturday that government authorities could meet this week to discuss the possible formation of the new interagency group to investigate the Microsoft security incident and identify response measures.
Public and private sector customers use Microsoft Exchange to manage email servers in the cloud, the report noted.