Security News > 2021 > April > Who knew Uncle Sam had strike teams for SolarWinds, Exchange flaws? Well, anyway, they are disbanded

The US government's response groups for dealing with recent SolarWinds and Microsoft Exchange vulnerabilities have reached the end of the road. In a statement on Monday, US Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger said the two Unified Coordination Groups formed in January and March respectively will be disbanded.

The SolarWinds incident, disclosed last December and subsequently attributed to the Russian Foreign Intelligence Service, involved the hacking of SolarWinds' Orion IT management platform and is believed to have compromised at least nine federal agencies and about 100 private sector organizations.

Last week, US President Joseph Biden announced sanctions against Russia for interference in the 2020 US elections and involvement in the SolarWinds attack, among other things.

The Microsoft Exchange flaws - four zero day vulnerabilities fixed in March and two more patched last week - were initially attributed to hackers in China.

The US government's decision to wrap up its intervention efforts follows vulnerability analysis provided by the National Security Agency to Microsoft and the Federal Bureau of Investigation's extraordinary court-approved intervention to shut down web shells installed on compromised Exchange servers.

"While this will not be the last major incident, the SolarWinds and Microsoft Exchange UCGs highlight the priority and focus the Administration places on cybersecurity, and at improving incident response for both the US government and the private sector," said Neuberger.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/04/19/federal_solarwinds_investigation/