Security News > 2021 > July > U.S., Allies Officially Accuse China of Microsoft Exchange Attacks
The United States and its allies have officially attributed the Microsoft Exchange server attacks disclosed in early March to hackers affiliated with the Chinese government.
In a statement, the White House accused China of using "Criminal contract hackers" to conduct cyber operations.
The White House has also attributed - "With a high degree of confidence" - the initial Microsoft Exchange attacks to hackers affiliated with China's Ministry of State Security.
Multiple threat groups have exploited the Microsoft Exchange vulnerabilities disclosed in early March.
The NSA, FBI and the DHS's Cybersecurity and Infrastructure Security Agency on Monday released an advisory detailing more than 50 tactics, techniques and procedures used by Chinese state-sponsored threat actors in their attacks.
Over the past years, the U.S. has charged several individuals over their alleged role in hacking operations conducted by the Chinese government, including attacks aimed at COVID-19 vaccine makers and the credit reporting agency Equifax.
News URL
Related news
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- Microsoft fixes under-attack privilege-escalation holes in Hyper-V (source)
- Microsoft: Exchange 2016 and 2019 reach end of support in October (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs (source)
- Week in review: 48k Fortinet firewalls open to attack, attackers “vishing” orgs via Microsoft Teams (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)
- CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks (source)
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks (source)