U.S. Blames China For Cyberattack Targeting Microsoft Exchange Servers

Hacker attacking internet

Photo: Getty Images

The United States, European Union, NATO, the U.K., Australia, and Japan announced that Chinese hackers were behind the recent cyberattack on Microsoft Exchange servers.

U.S. Secretary of State Antony Blinken said that the hackers were working for China's Ministry of State Security and said the agency "has fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain."

"These contract hackers cost governments and businesses billions of dollars in stolen intellectual property, ransom payments, and cybersecurity mitigation efforts, all while the MSS had them on its payroll," Blinken said.

Security officials said that cyberattacks targeted tens of thousands of computers and impacted both private companies and government agencies.

"The compromise and exploitation of the Microsoft Exchange server undermined the security and integrity of thousands of computers and networks worldwide," the Council of the European Union said in a statement. "This irresponsible and harmful behaviour resulted in security risks and significant economic loss for our government institutions and private companies, and has shown significant spill-over and systemic effects for our security, economy, and society at large."

Microsoft praised the announcement.

"Attributions like these will help the international community ensure those behind indiscriminate attacks are held accountable," Tom Burt, Microsoft's corporate vice president for customer security and trust, said in a statement. "Transparency is critical if we're to combat the rising cyberattacks we see across the planet against individuals, organizations, and nations."

While authorities declined to place any sanctions on China over the cyberattack, the Justice Department announced criminal charges against four Chinese nationals who have been accused of working for the Chinese government and were involved in numerous hacking attempts between 2011 and 2018.


Sponsored Content

Sponsored Content