Biden Team Vows Fast Response on SolarWinds, Microsoft Hacks

(Bloomberg) -- The Biden administration said it’s moving quickly to respond to recent cyber attacks on the U.S., vowing executive action on a hack using SolarWinds Corp. software and working with Microsoft Corp. as users apply patches for the latest breach that company has faced.

A senior administration official, speaking to reporters Friday on the condition of anonymity, discussed the U.S. investigations into the two sprawling hacking campaigns -- one of which compromised the Microsoft Exchange email service and the other that leveraged popular software by Texas-based SolarWinds -- in order to breach American networks.

To address the Microsoft Exchange hack -- in which suspected Chinese hackers exploited flaws to break into tens of thousands of networks -- the U.S. stood up a public-private coordination group and is working with the Redmond, Washington-based company to roll out patches, the official said.

The official added that a response was urgently needed to prevent the hackers from securing a stronger hold inside critical technology systems.

In response to the SolarWinds breach, which the U.S. has attributed to suspected Russian hackers, the official said the Biden administration will announce executive action in coming weeks as well as a rollout of technology to improve the notoriously outdated systems used in federal agencies.

Russian and Chinese officials have denied that their nations had anything to do with the hacks.

The government is still working to determine the scope of the attacks on Microsoft and SolarWinds software, National Security Adviser Jake Sullivan said at the White House earlier on Friday. The hacks are “still ongoing in the sense that we are still gathering information,” Sullivan said, calling their scale “significant.”

“Malign actors” remain in some Microsoft Exchange systems, the software the company sells for corporate email systems, Sullivan said.

A new technology rollout planned by the government will initially cover the nine federal agencies compromised in the SolarWinds attack, all of which have completed a review of their systems or will do so by the end of the month, the official said. The breach also targeted at least 100 U.S. companies.

In addition, the official said the Commerce Department is moving ahead with a rule to implement a Trump-era executive order to require cloud providers to know their customers and address the threat of adversaries operating under U.S. infrastructure.

Sullivan said that President Joe Biden discussed recent hacks of U.S. computer networks and a global shortage of semiconductors with the leaders of Japan, Australia and India on Friday, said.