Last Updated: August 26, 2021
The Chinese government now faces accusations from the US, NATO, EU, Australia, New Zealand, and Japan for massive cyberattacks on Microsoft Exchange email servers that have affected at least 30,000 US organizations and hundreds of thousands more worldwide. Microsoft identified the cybercriminal group behind the attack as the Chinese espionage group called Hafnium.
According to officials, these criminal hackers are believed to be working for China’s Ministry of State Security (MSS), who may also be involved in a series of other cybercrimes, such as cryptojacking, ransomware, and cyber extortions.
Despite Microsoft’s extensive security measures, the attacks began in January of this year when Hafnium exploited a vulnerability in Microsoft Exchange by inserting backdoors into systems that they could return upon eventually. The attack is believed to have been carried out as a part of an espionage mission, allowing hackers to acquire confidential information and intellectual property.
The suspicions were rooted in Hafnium’s previous espionage targets, including universities, think tanks, and defense contractors, where the group’s primary focus was specific systems.
Naming China was only done recently because the investigators needed enough time to gather evidence proving that the Hafnium hackers are indeed on the payroll of the Chinese government.
The United States also had to act in unison with its allies. As a result, these allied countries will now publicly blame China’s Ministry of State Security for the attacks on Microsoft Exchange email servers earlier this year.
The Microsoft Exchange incident came amid an increasing number of economic and diplomatic sanctions the Biden administration enforced against Beijing this year. These sanctions are the US response to human rights abuse in Xinjiang province and Hongkong.
While this incident has caused China to accuse the US of meddling with their internal affairs, the latter’s multinational cybersecurity efforts intend to focus more on threat alerts and security instead of retaliation.
The White House has already raised the Microsoft attacks with senior members of the Chinese government, pointing out that it threatened security, stability, and confidence in cyberspace.