China accused of cyber-attack on Microsoft Exchange serverson July 19, 2021 at 2:25 pm

- Advertisement -
- Advertisement -
- Advertisement -
- Advertisement -

The UK, US and EU have accused China of carrying out an attack on Microsoft Exchange email servers.

A Microsoft sign in Los Angeles (file pic)

image copyrightReuters

The UK, US and EU have accused China of carrying out a major cyber-attack earlier this year.

The attack targeted Microsoft Exchange servers, affecting at least 30,000 organisations globally.

The UK said Chinese state-backed actors were responsible, while the EU said the attack came from “the territory of China”.

The Chinese Ministry of State Security (MSS) was also accused of wider espionage activity and a broader pattern of “reckless” behaviour.

China has previously denied allegations of hacking and says it opposes all forms of cyber-crime.

The unified call-out of Beijing signals the gravity with which this case has been taken. Western intelligence officials say aspects of this case are markedly more serious than anything they have seen before.

The hackers exploited a vulnerability in Microsoft Exchange which allowed backdoors to be placed on systems that allowed further access.

The UK said the attack was likely to enable large-scale espionage, including the acquisition of personal information and intellectual property.

The backdoors used by the Chinese group were also exploited by other hacking groups, leaving systems vulnerable to ransomware attacks and espionage.

In the UK, the National Cyber Security Centre (NCSC) issued tailored advice to over 70 affected organisations.

“The cyber attack on Microsoft Exchange Server by Chinese state-backed groups was a reckless but familiar pattern of behaviour,” UK Foreign Secretary Dominic Raab said. “The Chinese Government must end this systematic cyber-sabotage and can expect to be held to account if it does not.”

Western governments accuse the MSS of using hackers-for hire and want it to sever ties with them.

In a statement, the White House said it was “deeply concerned” that China had “fostered an intelligence enterprise that includes contract hackers who also conduct unsanctioned cyber-operations worldwide, including for their own personal profit”.

The EU, meanwhile, said the hack had “resulted in security risks and significant economic loss for our government institutions and private companies”.

Its statement, like that of the UK, also said it had seen other Chinese behaviour that it was calling-out at the same time. It linked it to two groups known as APT 40 and APT 31 which are believed to be linked to the MSS.

Despite the strong statements, there are no signs of sanctions against China. In contrast, new sanctions were placed on Russia for the recent SolarWinds campaign which many experts believe was less serious than the Microsoft Exchange campaign linked to China.

Microsoft announced details of the hack back in March, and said a China-linked group called Hafnium was responsible. China denied those accusations.

The widespread use of Microsoft Exchange left many businesses and organisations vulnerable, with a huge effort to try to mitigate the potential risks.

At the time, the US Department of Justice announced criminal charges against four MSS hackers which it said were linked to a long-term campaign targeting foreign governments and entities in key sectors in a least a dozen countries.

- Advertisement -

Discover

Sponsor

Latest

Care workers lose ‘sleep-in shift’ court challengeon March 19, 2021 at 1:12 pm

One worker who had to sleep at her job argued she should be paid minimum wage for the whole shift.Care workers across the UK...

Kids Company founder calls for apology from Goveon February 25, 2021 at 7:17 pm

The charity, which supported vulnerable young people in London and Bristol, closed its doors in 2015.The charity, which supported vulnerable young people in London...

Mesothelioma Causes and Treatment

Mesothelioma Causes and TreatmentMesothelioma causes stem from exposure to asbestos. Any workplace with some type of exposure to asbestos is considered a possible...

Oil Optimism Soured by Impending End to Extra Saudi Supply Curbs

The oil market is already moving past this weekend’s producer deal to extend supply cuts, with prices sliding on Saudi Arabia’s decision to end...

Covid-19: Boris Johnson pledges skills overhaul and Scotland expected to ease ruleson May 11, 2021 at 6:29 am

Five things you need to know about the coronavirus pandemic this Tuesday morning.Five things you need to know about the coronavirus pandemic this Tuesday...