The senior official, who declined to be identified, said the White House was working closely with the private sector to quickly build better cyber security following the attack targeting Microsoft’s transactional mail service servers.
The attack comes just months after an attack on Solar Winds security software, which could compromise thousands of public and private sector computer networks.
U.S. officials had previously indicated that action could be taken against Russia because Moscow was linked to the attack on the Solar Winds.
Recent reports from a senior official say a response is immediate.
“You can expect more announcements on this matter in a few weeks, not a few months,” a senior U.S. official told reporters after the two cyber attacks.
Federal agencies have made progress in repairing systems in the nine agencies affected by the attack on Solar Winds, he said.
But emergency action is underway to address the attack on Microsoft Exchange, which has opened security holes and been exploited by cybercriminals and others.
“We have invited private sector companies for the first time” to attend major national security meetings on the attacks to find solutions, he said, urging the senior official, adding that the response was “still ongoing and evolving”.
According to him, “We have a short window to fix vulnerable servers”, “This is hours, not days”.
According to Microsoft, a new type of ransomware exploits the security vulnerabilities that result from an attack on Exchange servers, an American computer company. According to cyber security experts, a massive attack can cause significant damage.
“We have detected and prevented new family ransomware used after the initial attack on local transaction servers,” Microsoft’s Department of Defense said on Twitter on Thursday evening.
The software, known as “Dear Cry”, was discovered after a so-called “Hafnium” attack, backed by a group of Chinese hackers, Beijing. It is believed to have affected at least 30,000 organizations in the United States, including businesses, cities and local communities.
Other experts, including IT ransomware founder Michael Gillespie, on Thursday discovered software that encrypts computer systems and demanded a ransom to unlock them.
“Creating updates to prevent future intrusions will be easy, but vulnerable systems will not be repaired,” said Brent Gallo, a computer security firm at McSoft.
“Governments need to quickly develop a strategy to help businesses protect their transaction servers and repair vulnerabilities before the already bad situation worsens.
This week, the FBI and the Department of Homeland Security (DHS) had already warned of the impact of the exchange. According to a joint statement, it could be used to “compromise networks, steal information, encrypt data for recovery requests, or carry out destructive attacks.”
DHS’s cybersecurity department has called for a single link between the public and private sectors, as experts want strong action from the Biden administration, such as the return of the hack.