US, NATO and EU Blame China-Affiliated Hackers for Microsoft Hack
Headline Roundup July 19th, 2021
The Biden administration joined a broad group of U.S. allies in formally blaming a hacking group tied to China’s Ministry of State Security (MSS), known as “Hafnium,” for a breach of Microsoft’s Exchange Server email software earlier this year. Microsoft itself blamed the group in March, labeling it a “state-sponsored threat actor,” but governments held off blame until investigators had “high confidence” that the group was affiliated with the MSS. Additionally, the Justice Department indicted three MSS officers and one contracted hacker on separate hacking charges. The White House said in a statement that the U.S. had raised the issue with the Chinese government, and Secretary of State Anthony Blinken said in a press release that “the United States will impose consequences on PRC malicious cyber actors for their irresponsible behavior in cyberspace." No sanctions have been issued as of Monday afternoon.
Coverage differed across the spectrum in saying the U.S. had accused either the Chinese government itself or just “Chinese-linked hackers"; statements by NATO, the European Union, Canada and the U.K. also varied somewhat on that point. While most coverage focused on the Microsoft hack, some coverage focused on the broader accusations of criminal hacking activity, including ransomware attacks, made against MSS-affiliated hackers.
The Biden administration on Monday formally accused the Chinese government of breaching Microsoft email systems used by many of the world’s largest companies, governments and military contractors, as the United States joined a broad group of allies, including all NATO members, to condemn Beijing for cyberattacks around the world.
The United States accused China for the first time of paying criminal groups to conduct large-scale hackings, including ransomware attacks to extort companies for millions of dollars, according to a statement from the White House. Microsoft had pointed to hackers linked to the...
A new joint effort made up of NATO member states, the European Union, Australia, New Zealand and Japan is coming together to confront the global threat posed by Chinese state-sponsored cyberattacks.
In its first action on Monday, the countries will publicly blame China’s Ministry of State Security for a massive cyberattack on Microsoft Exchange email servers earlier this year.
The attack was carried out by criminal contract hackers working for the MSS who also engage in cyber-enabled extortion, cryptojacking and ransomware, the official said.
Cyberattackers linked to a Chinese spy agency conducted a major ransomware attack against an American company, adding a new layer of complexity to a threat usually attributed to Russia, according to President Joe Biden’s administration.
"This was surprising to us," a senior administration official acknowledged in a media briefing Sunday on how China’s Ministry of State Security has emerged as a major cybersecurity threat. "And, in fact, one of the reasons that we've put so much work into this attribution is because it really gave us new insights on the...