The White House on Wednesday said a new interagency working group stood up in response to compromise earlier this month of a widely used Microsoft [MSFT] software product includes private sector participation and worked with the software giant to get a fix out to users, particularly small businesses.
The Cyber Unified Coordinating Group (UCG) leadership met on Monday at the direction of the National Security Council (NSC) to coordinate response efforts to the attack on the Microsoft Exchange Server software and related vulnerabilities, Jen Psaki, the White House spokeswoman said in a statement.
“The cost of the cyber incident response weighs particularly heavily on small businesses,” Psaki said in the statement. “Hence, we requested that Microsoft help small businesses with a simple solution to this incident. In response, Microsoft has released a one-click mitigation tool. We encourage every business or organization that has not yet fully patched and scanned their Exchange Server to download and run this free tool.”
The stand-up of the new UCG for the Exchange Server incident, which began in January, was announced by a senior administration official last Friday. That official, during a background briefing for media, said that for the first time the UCG had invited private sector participation “because we still believe that public-private partnership is foundational in cyber security, and we want to ensure we’re taking every opportunity to include key private sector participants early and directly in our remediation efforts.”
The administration official also said that the NSC is leading the response to the hack of the Microsoft email server software.
Anne Neuberger, deputy National Security Advisor for Cyber and Emerging Technology, said in a statement on Wednesday that the “administration is committed to working with the private sector to build back better, including to modernize our cyber defenses and enhance the nation’s ability to respond rapidly to significant cyber security incidents.” Neuberger said in February that the Biden administration plans to continue to work closely with the private sector on cyber security.
The statements by Psaki and Neuberger were made to keep the public updated about the ongoing response to the Exchange Server incident and urge organizations using the tool to take advantage of the “one-click” fix put out by Microsoft.
Last December, the FBI, the Office of the Director of National Intelligence, and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) stood up a UCG to manage a whole-of-government response to a hack of network management software provided by SolarWinds [SWI].
Breaches of federal and private networks via the SolarWinds product are believed to be from Russia and China is thought to be behind the Microsoft software hack.
The Biden administration is messaging that cyber security is a top priority and requested $650 million for CISA from Congress in a recent pandemic relief package that was approved. Agency officials told Congress last week that the new funding is just a down payment on its resource needs and that it will spend the money on improving the security of federal civilian agency networks.
The COVID-19 relief bill also includes funding to accelerate the modernization of federal agency information technology networks, which is expected to bolster the security posture of these agencies.
The senior administration official last Friday told media that the administration was three weeks into a four-week effort to remediate agencies compromised by the SolarWinds incident. Technology fixes for nine federal agencies that have been compromised in that hack will be rolled out in the near-term the official said, adding that the fixes will eventually be broadened to other agency networks.
“As we talked about during a press event a number of weeks ago, we cannot defend a network if we can’t see a network,” the official said. “And in our review of what caused SolarWinds, we saw significant gaps in modernization and in technology of cyber security across the federal government. So, we will be rolling out technology to address the specific gaps we identified, beginning with the nine compromised agencies. We want to make the federal government a leader, not a laggard, in cyber security. And we know we need to be able to defend against the adversaries who pursue the nation’s diplomatic, law enforcement and health efforts.”