What you need to know
- The EU and UK released statements claiming that the recent attacks on Microsoft Exchange servers came from China.
- The UK government states that Chinese state-backed groups were behind the attacks.
- The EU does not directly accuse the Chinese government of being involved but hints in that direction.
The United States (U.S.), European Union (EU), and United Kingdom (UK) claim that the recent attacks on Microsoft Exchange servers came from China. The U.S. and UK specifically point towards the Chinese government, stating that Chinese state-backed actors were behind the attacks.
The attacks on Microsoft Exchange servers affected thousands of organizations. Cybercriminals raced to take advantage of discovered vulnerabilities and Microsoft quickly mitigated issues. Microsoft also released a one-click mitigation tool to help organizations protect against attackers.
Both the EU and UK say that the Chinese Ministry of State Security was responsible for other espionage activity, as reported by the BBC.
"The cyber-attack on Microsoft Exchange Servers by Chinese state-backed groups was a reckless but familiar pattern of behaviour," said UK foreign secretary Dominic Raab. "The Chinese government must end this systematic cyber-sabotage and can expect to be held to account if it does not."
The UK government issued a release detailing its accusations. It says that "Widespread, credible evidence demonstrates that sustained, irresponsible cyber activity emanating from China continues."
At the end of its release, the UK government calls on China to "reaffirm the commitment made to the UK in 2015 and as part of the G20 not to conduct or support cyber-enabled theft of intellectual property of trade secrets."
In March 2021, Microsoft explained that a group known as Hafnium operates out of China and was behind the attacks on Exchange servers. This situation, and many more, have led to the White House's July 19, 2021 statement on the matter.
The EU statement shares a similar tone to its U.S. counterpart:
While the EU does not accuse the Chinese government of backing the groups behind the attacks, the organization does urge Chinese authorities to not allow China to be used for malicious cyber activities.
The EU also detected "malicious cyber activities" targetting government institutions and political organizations in the EU, its member states, and several industries in Europe. The UK reports the same activities, known as "APT40" and APT31" by cybersecurity experts.
Sean Endicott is the news writer for Windows Central. If it runs Windows, is made by Microsoft, or has anything to do with either, he's on it. Sean's been with Windows Central since 2017 and is also our resident app expert. If you have a news tip or an app to review, hit him up at firstname.lastname@example.org.
"We continue to urge the Chinese authorities to adhere to these norms and not allow its territory to be used for malicious cyber activities..." That's such a nice way of putting it.
Surely such manners and polite phrasings will dissuade those with political interests from committing harmful acts.
What's the problem with Xin Jin Ping ?
Get the best of Windows Central in in your inbox, every day!
Thank you for signing up to Windows Central. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.