Microsoft Exchange server attacks may have been fuel for China's AI endeavors

Best Keyboards for Microsoft Surface in 2018
Best Keyboards for Microsoft Surface in 2018 (Image credit: Surface Book 2)

What you need to know

  • The attacks on the Microsoft Exchange servers in early 2021 may have been part of an effort from the Chinese government to develop artificial intelligence.
  • A new report claims that the attacks were about gathering data, not just spying on people.
  • The Exchange server attacks utilized personal information that was likely gathered in a previous attack.

The story of the attacks on Microsoft Exchange servers may have just gained another chapter. While it was already known that the attacks targeted a massive number of people and PCs, the motives behind those attacks are still being discovered. A piece by NPR's Dina Temple-Raston explains that the attacks were likely performed to gather data to develop artificial intelligence.

NPR's piece offers an extensive breakdown of the history of the Exchange server attacks, their implications across several industries, and how Microsoft and other organizations responded to the attack. It also adds a new angle to the saga, alleging China used the attacks to gather data to develop AI.

NPR spent months analyzing the attacks and interviewing people ranging from Microsoft employees to U.S. intelligence officials in order to put together a report that paints the picture that Beijing leadership's endgame for the breach's data is artificial intelligence, which would be used for tasks traditionally reserved for humans.

According to William Evanina, former director of the National Counterintelligence and Security Center, "the Chinese have more data than we have on ourselves." Evanina founded the Evanina Group, which is a risk consultancy company. A report from the group states that the Chinese government has stolen personal information from an estimated 80% of Americans. This data could be used for intelligence purposes.

Data gathered from these types of attacks could be used to develop AI that affects major aspects of people's everyday lives. NPR notes that AI is used to calculate insurance rates and people's credit scores, as well as to determine if people can get a mortgage.

Kiersten Todt, former executive director of the Obama administration's bipartisan commission on cybersecurity and current head of the Cyber Readiness Institute, warned of the dangers of China collecting data. "We don't know what the Chinese are building, but what we do know is that diversity of data, quality of data aggregation, accumulation of data is going to be critical to its success."

The full NPR read features talks with individuals such as Microsoft VP Tom Burt, who handles the company's digital crimes unit. In the report, he outlined what Microsoft's thought process was as the attacks progressed, as well as detailed Hafnium's involvement in the ensuing chaos. Other interesting inside looks at Microsoft's operations, such as its philosophy behind Patch Tuesdays, are also in the report.

Sean Endicott
News Writer and apps editor

Sean Endicott brings nearly a decade of experience covering Microsoft and Windows news to Windows Central. He joined our team in 2017 as an app reviewer and now heads up our day-to-day news coverage. If you have a news tip or an app to review, hit him up at (opens in new tab).

  • While it is entirely worrying (because so much data was compromised, and because what normal country does this sort of thing?) it seems far fetched to suggest that this is for gathering training data for "AI". China has more people than the US, very likely more middle-class-ish and above online consumers (and growing), and rather direct access to their data (because who needs democracy or privacy?). I'm no cybersecurity expert but I'd guess the goal is something else. Or maybe there is no goal - it's practice for more concerning breeches to come.
  • The amount of data that the Average American generates probably outstrips the amount that a Chinese citizen does though. As rapidly as China has developed, many people still have little or even no online presence in China, whereas Americans have had ubiquitous internet for nearly two decades (rural America excluded). More importantly, it's probably the quality of the data that the Chinese are interested in for training their AI. Just like advertisers in the US can target things with frightening accuracy, the Chinese government may be looking to build an AI that can make more convincing propaganda, look for potential blackmail targets, etc.
  • "The amount of data that the Average American generates probably outstrips the amount that a Chinese citizen does though." Well, maybe. But the average isn't important, the total amount and variety of data is, and there are more people online in China than in the US. Isn't China well ahead of the US in things like mobile payments? Doesn't the government in theory have complete access to that data? And if the game is about finding intelligence targets or improving their propaganda targeting -- theories which I can buy -- that's not entirely about developing their AI know-how.
  • I think this about using the AI to builds profiles on Americans. The same folks would have appeared in multiple breaches. These profiles could be used to compromise them in some interesting ways. User A
    - works for DOD contractor - linked in
    - security clearance - OPM hack
    - poor credit history - Equifax
    - health condition - any of the hospital breaches
    - questionable dating profile - choose from many Ripe target.