“This is an active threat,” White House press secretary Jen Psaki said Friday. “Everyone running these servers — government, private sector, academia — needs to act now to patch them.”
tweet by national security adviser Jake Sullivan Thursday evening that underscored how concerned the Biden administration is. He urged IT administrators nationwide to install software fixes immediately. Sullivan said the US government is monitoring reports that US think tanks may have been compromised by the attack, as well as “defense industrial base entities.”
Later on Friday, the Cybersecurity and Infrastructure Security Agency underscored the risk in unusually plain language, stating in a tweet that the malicious activity, if left unchecked, could “enable an attacker to gain control of an entire enterprise network.”
In a rare step, White House officials have urged private sector organizations running localized installations of Microsoft Exchange server software to install several critical updates that were released in what information security experts described as an emergency patch release.