Security News > 2021 > July > US and Global Allies Accuse China of Massive Microsoft Exchange Attack

The U.S. government and its key allies, including the European Union, the U.K., and NATO, formally attributed the massive cyberattack against Microsoft Exchange email servers to state-sponsored hacking crews working affiliated with the People's Republic of China's Ministry of State Security.
"In a statement issued by the White House on Monday, the administration said,"with a high degree of confidence that malicious cyber actors affiliated with PRC's MSS conducted cyber-espionage operations utilizing the zero-day vulnerabilities in Microsoft Exchange Server disclosed in early March 2021.
Calling it "The most significant and widespread cyber intrusion against the U.K. and allies," the National Cyber Security Centre said the attack was highly likely to enable "Acquiring personally identifiable information and intellectual property."
In a press statement, the European Union urged Chinese authorities to take action against malicious cyber activities undertaken from its territory, stating the Microsoft Exchange server hacks resulted in security risks and significant economic loss for government institutions and private companies.
A spokesperson for the Chinese Embassy in Washington, according to the Associated Press, painted China as "a severe victim of the U.S. cyber theft, eavesdropping, and surveillance," noting that the "U.S. has repeatedly made groundless attacks and malicious smear against China on cybersecurity."
Update: Speaking at a press conference, Zhao Lijian, a spokesperson for the Chinese Ministry of Foreign Affairs, rejected accusations that Beijing was behind the global cyber hacking campaign targeting Microsoft Exchange servers and accused the U.S. of being the world's largest source of attacks in cyberspace.
News URL
Related news
- Feds name and charge alleged Silk Typhoon spies behind years of China-on-US attacks (source)
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks (source)
- Hacker pleads guilty to SIM swap attack on US SEC X account (source)
- US indicts 8Base ransomware operators for Phobos encryption attacks (source)
- Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ Countries (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Microsoft's End of Support for Exchange 2016 and 2019: What IT Teams Must Do Now (source)
- Microsoft fixes Power Pages zero-day bug exploited in attacks (source)