US, EU, and NATO Allies to Blame China for Cyberattack on Microsoft
An alliance of NATO members, including the United States, European Union, Japan, Australia, and New Zealand, will publicly blame China for state-sponsored cyberattacks on Microsoft exchange servers.
An alliance of countries, including all NATO members, will come together to publicly blame China’s Ministry of State Security for a massive cyberattack on Microsoft Exchange email servers earlier this year.
The United States accused China of paying criminal groups to conduct large-scale hackings, hacking tens of thousands of computers and networks worldwide, including ransomware attacks to extort companies for millions of dollars, the New York Times reported, citing a statement from the White House.
Reportedly, Microsoft identified hackers linked to the Chinese Ministry of State Security, which exploited holes in the company’s email systems in March.
A Biden administration official said China was behind a specific ransom where an attack against the US target involved a “large ransom request,” adding that Chinese ransom demands have totaled in the “millions of dollars,” CNN reported.
“These contract hackers cost governments and businesses billions of dollars in stolen intellectual property, ransom payments, and cybersecurity mitigation efforts, all while the MSS had them on its payroll,” said Secretary of State Antony Blinken said in a statement. “[China] has fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their financial gain.”
A statement issued from NATO read: “We call on all states, including China, to uphold their international commitments and obligations and to act responsibly in the international system, including in cyberspace.”
Reportedly, while China’s efforts were not as sophisticated as previous hacking by Russia, Beijing took advantage of an undiscovered Microsoft vulnerability and used it to conduct espionage and reduce confidence in the security of systems companies use for their primary communications.
While the group of allies plans to publicly condemn China for its actions, and the allies will stop short of taking concrete punitive steps, the New York Times reported.
The announcement lacked any sanctions. Previously, the White House imposed sanctions on Russia in April after blaming the country for the SolarWinds attack that affected US government agencies and over 100 companies.
The group of allies will continue to work together and collaborate on network defenses and security, as well as share intelligence on cyber threats, according to a Biden administration official, CNBC reported.