Vulnerabilities that spurred an emergency directive to analyze and patch or disconnect a Microsoft email and scheduling service have not compromised any federal agencies, a top Cybersecurity and Infrastructure Security Agency official told members of Congress.
CISA issued the emergency directive last week as researchers described how it was being exploited to access the communications of tens of thousands of victims, including local governments and universities. The directive followed the release of security patches from Microsoft, which attributed exploitation of the vulnerabilities to a China-based group it called Hafnium.
“We have seen outstanding responses to that directive and now the vast majority of Microsoft Exchange Servers have been mitigated across the federal civilian executive branch,” said Eric Goldstein, executive assistant director of CISA’s cybersecurity division. “At this point in time, there are no federal civilian agencies that are confirmed to be compromised by this campaign.”
He caveated the statement by noting that CISA is still working with individual agencies to assess their analysis of the evolving campaign and that new information emerges every hour.
Goldstein testified before the House Appropriations Committee’s Subcommittee on Homeland Security Wednesday along with CISA Acting Director Brandon Wales. The two fielded questions on the Exchange servers as well as the hacking campaign revealed in December that compromised at least nine federal agencies and 100 companies in making a case for greater investment in CISA.
The hearing came as lawmakers prepared to vote on the latest COVID relief bill, which contains almost $2 billion for cybersecuri ..
Support the originator by clicking the read the rest link below.
