Microsoft Exchange Servers Were Under Cyber-Attack: Microsoft Accuses China

The Recent Attack Has Affected More Than A Quarter of a Million Servers of Microsoft Exchange

The European Union, United States, and the United Kingdom have accused China of conducting a major cyber-attack on the Microsoft Exchange servers in the initial few weeks of this year. The attack was specifically targeted and had a major effect on at least 30,000 global organizations.

China accused of cyber-attack

The United Kingdom said that the state-backed actors by China were, in fact, responsible for the cyber-attack; meanwhile, the European Union has stated that the territory of China was where the attack was generated.

The Ministry of State Security of China has also been accused of conducting a wider range of espionage activities along with a wider outline of having a reckless performance. Previously, all allegations have been denied by China regarding the conduction of illegitimate hacking and have said that they are all opposition to all forms of cyber-security crimes.

The unified call-out of China has signals the severity of this condition has taken. According to the western intelligence officials, the aspects of this current case have markedly become more serious than anything which has never been seen before.

The cyber-hackers were able to exploit a probable vulnerability in the Microsoft Exchange, which had allowed backdoors to be able to easily been placed on all main systems and servers that allow further access.

The United Kingdom has said that the cyber-attack had likely occurred to be able to enable large-scale espionage, which also included the acquiring of personal and sensitive data along with intellectual property.

The backdoors that were used by the Chinese team during the cyber-attack on Microsoft Exchange were later also exploited by other groups of hackers that had left the entire main system to become vulnerable to attacks of ransomware along with possible espionage.

Strict actions and sanctions

In the United Kingdom, the National Cyber Security Centre (NCSC) has recently issued completely tailored advice to more than 70 organizations that were directly affected by the cyber-attack.

The Foreign Secretary of the United Kingdom Dominic Raab said that the cyber-attack on the Microsoft Exchange Server by the states-backed Chinese groups was a very reckless behavior but was very familiar. The Government of China must put an end to the systematic cyber-attacks that are being conducted and should expect themselves to be held accountable if they do not stop.

The western government is completely accusing the MSS of the acquisition of hackers for hire and now wants to sever all relations and ties with them after the cyber-attack.

White House gave a public statement saying that they have become concerns deeply due to the fact that China had been able to foster an intelligence enterprise that has included hackers through contracts that are able to conduct unsanctioned worldwide cyber-operations, including towards their own personal gain.

The European Union has meanwhile said that the cyber-hack had resulted in potential risks of security along with a significant loss of the economy of our country’s governmental institution along with other private firms.

The statement, similar to that of the United Kingdom, has said that they have seen other behavior by China that it was calling out at similar timings. It was able to provide a connection between both groups, which are known as the APT 31 and APT 40, which are thought to have possible linkage to the MSS.

Despite giving some of the very tough statements by the western governments, there is yet no sign in sight regarding sanctions that are to be placed against China. Although in contrast, there have been some new sanctions that are to be placed against Russia for the recent campaign of SolarWinds, which according to many experts, is a lot less serious than the campaign of the Microsoft Exchange Server cyber-attack, which has some proven links with China.

The details regarding the cyber-hackings have been made public by Microsoft in the month of March and have said that Hafnium, a hacking group with direct links with China, was solely responsible. All accusations were denied by China.

The widespread global consumption of the Microsoft Exchange has left multiple businesses along with several organizations to become temporarily vulnerable for additional cyber-attacks, along with a huge effort for trying to mitigate all possible risks that comes with it.

At the time after the attack, the United States Department of Justice had announced felonious charges against the four hackers of MSS, which is said to be connected to a long-term operation that was aiming at multiple foreign governments along with key entities in sectors of at least a dozen nations.

Read also Customers Are Responsible For Hacking Not Us: NSO Group Of Pegasus Spyware Seller