Security News > 2021 > July > US and allies officially accuse China of Microsoft Exchange attacks
US and allies, including the European Union, the United Kingdom, and NATO, are officially blaming China for this year's widespread Microsoft Exchange hacking campaign.
The Biden administration attributes "With a high degree of confidence that malicious cyber actors affiliated with PRC's MSS conducted cyber espionage operations utilizing the zero-day vulnerabilities in Microsoft Exchange Server disclosed in early March 2021.".
"The attack on Microsoft Exchange software was highly likely to enable large-scale espionage, including acquiring personally identifiable information and intellectual property," the UK National Cyber Security Centre also said today.
"The attack on Microsoft Exchange servers is another serious example of a malicious act by Chinese state-backed actors in cyberspace," the EU and its Member States added in a separate statement issued today.
In early March 2021, Microsoft disclosed four zero-days actively being exploited in attacks targeting on-premises Microsoft Exchange servers.
After Microsoft disclosed the attacks, Slovak internet security firm ESET discovered at least ten APT groups targeting vulnerable Exchange servers.
News URL
Related news
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- Mega US healthcare payments network restores system 9 months after ransomware attack (source)
- Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack' (source)
- China has utterly pwned 'thousands and thousands' of devices at US telcos (source)
- Microsoft 365 outage impacts Exchange Online, Teams, Sharepoint (source)
- Microsoft re-releases Exchange updates after fixing mail delivery (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- Vodka maker Stoli files for bankruptcy in US after ransomware attack (source)
- Microsoft: Another Chinese cyberspy crew targeting US critical orgs 'as of yesterday' (source)