Security News > 2021 > July > US and Global Allies Accuse China of Massive Microsoft Exchange Attack

The U.S. government and its key allies, including the European Union, the U.K., and NATO, formally attributed the massive cyberattack against Microsoft Exchange email servers to state-sponsored hacking crews working affiliated with the People's Republic of China's Ministry of State Security.
"In a statement issued by the White House on Monday, the administration said,"with a high degree of confidence that malicious cyber actors affiliated with PRC's MSS conducted cyber-espionage operations utilizing the zero-day vulnerabilities in Microsoft Exchange Server disclosed in early March 2021.
Calling it "The most significant and widespread cyber intrusion against the U.K. and allies," the National Cyber Security Centre said the attack was highly likely to enable "Acquiring personally identifiable information and intellectual property."
In a press statement, the European Union urged Chinese authorities to take action against malicious cyber activities undertaken from its territory, stating the Microsoft Exchange server hacks resulted in security risks and significant economic loss for government institutions and private companies.
A spokesperson for the Chinese Embassy in Washington, according to the Associated Press, painted China as "a severe victim of the U.S. cyber theft, eavesdropping, and surveillance," noting that the "U.S. has repeatedly made groundless attacks and malicious smear against China on cybersecurity."
Update: Speaking at a press conference, Zhao Lijian, a spokesperson for the Chinese Ministry of Foreign Affairs, rejected accusations that Beijing was behind the global cyber hacking campaign targeting Microsoft Exchange servers and accused the U.S. of being the world's largest source of attacks in cyberspace.
News URL
Related news
- Feds name and charge alleged Silk Typhoon spies behind years of China-on-US attacks (source)
- China names alleged US snoops over Asian Winter Games attacks (source)
- New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint (source)
- China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access (source)
- China's Silk Typhoon, tied to US Treasury break-in, now hammers IT and govt targets (source)
- US seizes domain of Garantex crypto exchange used by ransomware gangs (source)
- Microsoft Exchange Online outage affects Outlook web users (source)
- Microsoft: Exchange Online bug mistakenly quarantines user emails (source)
- Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks (source)
- China’s FamousSparrow flies back into action, breaches US org after years off the radar (source)