Advertisement

Microsoft Outlook hack an ‘active threat’, White House says

  • Source said more than 20,000 US organisations compromised by hack
  • Microsoft has blamed on China, although Beijing denies any role

Reading Time:2 minutes
Why you can trust SCMP
1
A Microsoft office in Los Angeles, California. Photo: Reuters

The White House on Sunday urged computer network operators to take further steps to gauge whether their systems were targeted amid a hack of Microsoft Corp’s Outlook email programme, saying a recent software patch still left serious vulnerabilities.

Advertisement

“This is an active threat still developing and we urge network operators to take it very seriously,” a White House official said, adding that top US security officials were working to decide what next steps to take following the breach.

CNN on Sunday separately reported the Biden administration was forming a task force to address the hack. The White House official, in a statement, said the administration was making “a whole of government response”.

While Microsoft released a patch last week to shore up flaws in its email software, the remedy still leaves open a so-called back door that can allow access to compromised servers and perpetuating further attacks by others.

“We can’t stress enough that patching and mitigation is not remediation if the servers have already been compromised, and it is essential that any organisation with a vulnerable server take measures to determine if they were already targeted,” the White House official said.

Already, a source told Reuters more than 20,000 US organisations had been compromised by the hack, which Microsoft has blamed on China, although Beijing denies any role.

Advertisement

The backchannels for remote access can impact credit unions, town governments and small business, and have left US officials scrambling to reach victims, with the FBI on Sunday urging them to contact the law enforcement agency.

Advertisement