The perpetrator, Microsoft said in a blog post, is a hacker group that the company has "high confidence" is working for the Chinese government and spies primarily on American targets. The latest software update for Exchange blocks the hackers, prompting the U.S. Cybersecurity and Infrastructure Security Agency, or CISA, to issue a rare emergency directive that requires all government networks do so.
CISA, the U.S.'s primary defensive cybersecurity agency, rarely exercises its authority to demand that the entire U.S. government take steps to protect its cybersecurity. The move was necessary, the agency said, because the Exchange hackers are able "to gain persistent system access." All government agencies have until noon Friday to download the latest software update.
In a separate blog post, Microsoft Vice President Tom Burt wrote that the hackers have recently spied on a wide range of American targets, including disease researchers, law firms and defense contractors.
Get a weekly recap of the latest San Francisco Bay Area housing news. Sign up for NBC Bay Area’s Housing Deconstructed newsletter.
Read the full story on NBCNews.com