US, NATO, EU blame China for Microsoft cyberattack

By Laura Berrill
NATO member states come together to confront the global cyber threats posed by its state-sponsored cyber attacks

The EU, Australia, New Zealand and Japan are working to confront the threat and are due to publicly blame China’s Ministry of State Security for a massive cyberattack on Microsoft Exchange email servers.

The attack was carried out by criminal contract hackers working for the MSS who also engage in cyber-enabled extortion, cryptojacking and ransomware, a NATO official said.

The group will share intelligence on cyberthreats and collaborate on network defenses and security, added a senior Biden administration official. The FBI, the National Security Agency and the Cybersecurity and Infrastructure Security Agency released a new advisory listing tactics, techniques and procedures Chinese state-sponsored hackers use.

The Microsoft Exchange server attack became public in March and is believed to have hit at least 30,000 American organizations and hundreds of thousands more worldwide. Microsoft identified the group behind the hack quickly, as a so far relatively unknown Chinese espionage network called Hafnium.

The delay in naming China was to give investigators time to assemble evidence proving the Hafnium hackers were on the Chinese state payroll, the official added.

Cyber warfare is the front line

Cyberwarfare is becoming the front line in a global power struggle between democracies and autocratic states so the new alliance could become a model for future efforts to confront transnational threats.

The joint announcements build on Biden’s effort earlier this summer to rally support among NATO and EU allies for a more confrontational approach to China. Just on Friday, the United States sanctioned seven Chinese officials in response to the Beijing’s crackdown on Hong Kong’s democratic institutions. The US also warned its firms of data and privacy breaches by the Chinese government if they carry on doing business in Hong Kong.

In response, a Chinese foreign ministry spokesperson accused the United States of “meddling” in its internal affairs.

For now, the newly launched cybersecurity alliance is focused on cooperative security and threat alerts and not on retaliation. Beijing’s economic might around the world right now makes it very difficult for any group of countries to agree on concrete actions against China.



Featured Articles

TECH LIVE LONDON: An overview of the hybrid technology show

We take a look at the first day of Tech Live London with insights from technology leaders from companies such as IBM, Microsoft and Vodafone

TECH LIVE LONDON: Begins tomorrow at 10am!

Our marquee technology event is nearly here. There's still time to claim your free ticket (worth £295). Look forward to welcoming you to the Tobacco Dock!

Executive Q&A: Marc Lueck, CISO EMEA, Zscaler

As we prepare to welcome the Zero Trust leaders to TECH LIVE LONDON this June 23-24, we take the opportunity to chat to Zscaler CISO of EMEA, Marc Lueck

TECH LIVE LONDON: Registering, networking and logistics

Digital Transformation

New speaker from Infosys announced for TECH LIVE LONDON!

Digital Transformation

New speaker from Bernadette announced for TECH LIVE LONDON!

Digital Transformation