Security News > 2021 > March > FireEye CEO: Reckless Microsoft Hack Unusual for China
Cyber sleuths have already blamed China for a hack that exposed tens of thousands of servers running its Exchange email program to potential hacks.
The CEO of a prominent cybersecurity firm says it now seems clear China also unleashed an indiscriminate, automated second wave of hacking that opened the way for ransomware and other cyberattacks.
The White House has called the overall hack an "Active threat," but so far has not urged tough action against China or differentiated between the two waves - at least not publicly.
The explosion of automated backdoor-creating hacks began five days before Microsoft issued a patch for the vulnerabilities first detected in late January by the cybersecurity firm Volexity.
Asked for comment on Monday about allegations it was behind the hack, the Chinese Embassy in Washington pointed to remarks last week from Foreign Ministry spokesperson Wang Wenbin saying that China "Firmly opposes and combats cyber attacks and cyber theft in all forms." He said attribution of cyberattacks should be based on evidence and not "Groundless accusations."
Mandia compared the Exchange hack with the SolarWinds hacking campaign that Washington has blamed on elite Russian intelligence agents that his company discovered in December.
News URL
Related news
- Microsoft faces bipartisan criticism for alleged censorship on Bing in China (source)
- Key Lesson from Microsoft’s Password Spray Hack: Secure Every Account (source)
- Microsoft slammed for lax security that led to China's cyber-raid on Exchange Online (source)
- Microsoft slammed for lax security that led to China's cyber-raid on Exchange Online (source)
- U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers (source)
- US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack (source)
- CISA orders agencies impacted by Microsoft hack to mitigate risks (source)