Security News > 2021 > July > US and Global Allies Accuse China of Massive Microsoft Exchange Attack
The U.S. government and its key allies, including the European Union, the U.K., and NATO, formally attributed the massive cyberattack against Microsoft Exchange email servers to state-sponsored hacking crews working affiliated with the People's Republic of China's Ministry of State Security.
"In a statement issued by the White House on Monday, the administration said,"with a high degree of confidence that malicious cyber actors affiliated with PRC's MSS conducted cyber-espionage operations utilizing the zero-day vulnerabilities in Microsoft Exchange Server disclosed in early March 2021.
Calling it "The most significant and widespread cyber intrusion against the U.K. and allies," the National Cyber Security Centre said the attack was highly likely to enable "Acquiring personally identifiable information and intellectual property."
In a press statement, the European Union urged Chinese authorities to take action against malicious cyber activities undertaken from its territory, stating the Microsoft Exchange server hacks resulted in security risks and significant economic loss for government institutions and private companies.
A spokesperson for the Chinese Embassy in Washington, according to the Associated Press, painted China as "a severe victim of the U.S. cyber theft, eavesdropping, and surveillance," noting that the "U.S. has repeatedly made groundless attacks and malicious smear against China on cybersecurity."
Update: Speaking at a press conference, Zhao Lijian, a spokesperson for the Chinese Ministry of Foreign Affairs, rejected accusations that Beijing was behind the global cyber hacking campaign targeting Microsoft Exchange servers and accused the U.S. of being the world's largest source of attacks in cyberspace.
News URL
Related news
- Microsoft: Exchange 2016 reaches extended end of support in October (source)
- Microsoft fixes 6 zero-days under active attack (source)
- China-Backed Earth Baku Expands Cyber Attacks to Europe, Middle East, and Africa (source)
- Is Lenovo a blind spot in US anti-China security measures? (source)
- Microsoft: Exchange Online mistakenly tags emails as malware (source)
- Novel attack on Windows spotted in phishing campaign run from and targeting China (source)
- Iran Cyber Attack: Fox Kitten Facilitates Ransomware in US (source)
- Microsoft says it broke some Windows 10 patching – as it fixes flaws under attack (source)
- US proposes ban on connected vehicle tech from China, Russia (source)
- China's Salt Typhoon cyber spies are deep inside US ISPs (source)