Pentagon Assessing Its Networks for Possible Damage After Microsoft Breach, Spokesman Says

Earlier this week, Microsoft accused a Chinese hacking group known as "Hafnium" of breaching its Exchange Server email application. Microsoft had previously accused the company of attempting to steal information from infectious disease researchers, defense contractors, policy think tanks and non-governmental organizations.

Pentagon spokesperson John Kirby on Friday revealed the US Department of Defense was assessing its networks for possible damage after the Microsoft breach.

“We are aware of the Microsoft threat intelligence center’s report. We are currently assessing our networks right now for any evidence of impact,” Kirby said.

“We are also ... taking all necessary steps to identify and remedy any possible issues related to the situation," he added.

The latest statement by the Pentagon comes after White House press secretary Jen Psaki said that the Biden administration is monitoring the Microsoft breach, which had a "large number of victims," the Hill reported.

“This is a significant vulnerability that could have far-reaching impacts. First and foremost, this is an active threat,” Psaki told reporters during the press briefing. However, she did not provide any information on whether any federal agencies were compromised by the hack. She did urge network operators who had been comprised to swiftly "take appropriate steps."

“Everyone running these servers — government, private sector, academia — needs to act now to patch them. We are concerned there are a large number of victims and we are working with our partners to understand the scope of this. So it’s an ongoing process," Psaki said, the Hill reported.

In a Thursday blog post, cybersecurity group FireEye said that the hackers had targeted “US-based retailers, local governments, a university, and an engineering firm" as well as a Southeast Asian government and a Central Asian telecom group.

The Czech Republic’s National Office for Cyber and Information Security also released a statement Friday stating it would assisting organizations impacted by the hack, suggesting that the hack has had international ramifications.

This week, the Department of Homeland Security also issued an emergency warning to any government agencies using the Exchange email software.

Since the breach, Microsoft has updated its software.

“Even though we’ve worked quickly to deploy an update for the Hafnium exploits, we know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems,” Tom Burt, Microsoft’s corporate vice president of customer trust and security, wrote in a blog post.