Security News > 2021 > July > U.S., Allies Officially Accuse China of Microsoft Exchange Attacks
The United States and its allies have officially attributed the Microsoft Exchange server attacks disclosed in early March to hackers affiliated with the Chinese government.
In a statement, the White House accused China of using "Criminal contract hackers" to conduct cyber operations.
The White House has also attributed - "With a high degree of confidence" - the initial Microsoft Exchange attacks to hackers affiliated with China's Ministry of State Security.
Multiple threat groups have exploited the Microsoft Exchange vulnerabilities disclosed in early March.
The NSA, FBI and the DHS's Cybersecurity and Infrastructure Security Agency on Monday released an advisory detailing more than 50 tactics, techniques and procedures used by Chinese state-sponsored threat actors in their attacks.
Over the past years, the U.S. has charged several individuals over their alleged role in hacking operations conducted by the Chinese government, including attacks aimed at COVID-19 vaccine makers and the credit reporting agency Equifax.
News URL
Related news
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks (source)
- Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ Countries (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Microsoft's End of Support for Exchange 2016 and 2019: What IT Teams Must Do Now (source)
- Microsoft fixes Power Pages zero-day bug exploited in attacks (source)
- Botnet targets Basic Auth in Microsoft 365 password spray attacks (source)
- New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint (source)
- China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access (source)
- Feds name and charge alleged Silk Typhoon spies behind years of China-on-US attacks (source)