NATIONAL NEWS

Microsoft Exchange Hack Caused By China, US And Allies Say

Jul 19, 2021, 11:21 AM | Updated: 11:22 am
FILE: A signage of Microsoft is seen on March 13, 2020, in New York City. (Photo by Jeenah Moon/Get...
FILE: A signage of Microsoft is seen on March 13, 2020, in New York City. (Photo by Jeenah Moon/Getty Images)
(Photo by Jeenah Moon/Getty Images)

WASHINGTON (AP) — The Biden administration and Western allies formally blamed China on Monday for a massive hack of Microsoft Exchange email server software and accused Beijing of working with criminal hackers on ransomware and other illicit cyber operations.

The announcements, though not accompanied by sanctions against the Chinese government, were intended as a forceful condemnation of activities a senior Biden administration official described as part of a “pattern of irresponsible behavior in cyberspace.” They highlighted the ongoing threat from Chinese government hackers even as the administration remains consumed with trying to curb ransomware attacks from Russia-based syndicates that have targeted critical infrastructure.

The broad range of cyberthreats from Beijing disclosed on Monday included a ransomware attack from government-affiliated hackers that has targeted victims — including in the U.S. — with demands for millions of dollars. U.S officials allege that China’s Ministry of State Security has been using criminal contract hackers who have engaged in cyber extortion schemes and theft for their own profit, officials said.

Meanwhile, the Justice Department on Monday announced charges against four Chinese nationals who prosecutors said were working with the Ministry of State Security in a hacking campaign that targeted dozens of computer systems, including companies, universities and government entities. The defendants are accused of stealing trade secrets and confidential business information.

Unlike in April, when public finger-pointing of Russian hacking was paired with a raft of sanctions against Moscow, the Biden administration did not announce any actions against Beijing. Nonetheless, a senior administration official who briefed reporters said that the U.S. has confronted senior Chinese officials and that the White House regards the multination public shaming as sending an important message.

Even without fresh sanctions, the actions Monday are likely to exacerbate tensions with China at a delicate time. Just last week, the U.S. issued separate stark warnings against transactions with entities that operate in China’s western Xinjiang region, where China is accused of repressing Uyghur Muslims and other minorities. Then on Friday, the administration advised American firms of the deteriorating investment and commercial environment in Hong Kong, where China has been cracking down on democratic freedoms it had pledged to respect in the former British colony.

The European Union and Britain also called out China. The EU said malicious cyber activities with “significant effects” that targeted government institutions, political organizations and key industries in the bloc’s 27 member states could be linked to Chinese hacking groups. The U.K.’s National Cyber Security Centre said the groups targeted maritime industries and naval defense contractors in the U.S. and Europe and the Finnish parliament.

In a statement, EU foreign policy chief Josep Borrell said the hacking was “conducted from the territory of China for the purpose of intellectual property theft and espionage.”

The Microsoft Exchange cyberattack “by Chinese state-backed groups was a reckless but familiar pattern of behaviour,” U.K. Foreign Secretary Dominic Raab said.

NATO, in its first public condemnation of China for hacking activities, called on Beijing to uphold its international commitments and obligations “and to act responsibly in the international system, including in cyberspace.” The alliance said it was determined to “actively deter, defend against and counter the full spectrum of cyber threats.”

That hackers affiliated with the Ministry of State Security were engaged in ransomware was surprising and concerning to the U.S. government, the senior administration official said. But the attack, in which an unidentified American company received a high-dollar ransom demand, also gave U.S. officials new insight into what the official said was “the kind of aggressive behavior that we’re seeing coming out of China.”

The majority of the most damaging and high-profile recent ransomware attacks have involved Russian criminal gangs. Though the U.S. has sometimes seen connections between Russian intelligence agencies and individual hackers, the use of criminal contract hackers by the Chinese government “to conduct unsanctioned cyber operations globally is distinct,” the official said.

The Microsoft Exchange hack that months ago compromised tens of thousands of computers around the world was swiftly attributed to Chinese cyber spies by private sector groups. An administration official said the government’s attribution to hackers affiliated with China’s Ministry of State Security took until now in part because of the discovery of the ransomware and for-profit hacking operations and because the administration wanted to pair the announcement with guidance for businesses about tactics that the Chinese have been using.

An advisory Monday from the FBI, the National Security Agency and the Cybersecurity and Infrastructure Security Agency laid out specific techniques and ways that government agencies and businesses can protect themselves.

A spokesperson for the Chinese Embassy in Washington did not immediately return an email seeking comment Monday. But a Chinese Foreign Ministry spokesperson has previously deflected blame for the Microsoft Exchange hack, saying that China “firmly opposes and combats cyber attacks and cyber theft in all forms” and cautioned that attribution of cyberattacks should be based on evidence and not “groundless accusations.”

___

Kelvin Chan in London contributed to this report.

___

Follow Eric Tucker on Twitter at http://www.twitter.com/etuckerAP.

KSL 5 TV Live

Top Stories

National News

...
Associated Press

Ex-employee shut down Massachusetts police website over pay dispute, city says

Officials in a Boston suburb are investigating a former city employee who might have shut down the police website during a pay dispute.
15 hours ago
Nescopeck Volunteer Fire Company firefighter Harold Baker is comforted at the scene in Berwick, Pa....
Associated Press

1 dead, 17 hurt in crash during fundraiser for fire victims

One person was killed and another 17 people injured when a vehicle struck a crowd gathered at a Pennsylvania bar for a fundraiser for victims of a house fire that killed 10 earlier this month; the man police say was the driver was arrested shortly afterward in the beating death of his mother nearby.
15 hours ago
WASHINGTON, DC - JANUARY 21:  The U.S. Capitol Dome is lit in the evening. (Photo by Chip Somodevil...
Associated Press

Police: Man killed himself after ramming US Capitol barrier

A man drove his car into a barricade near the U.S. Capitol early Sunday and then began firing gunshots in the air before fatally shooting himself, police said.
15 hours ago
FILE: A Delta Air Lines plane. (Photo by Mario Tama/Getty Images)...
Meron Moges-Gerbi, CNN

Former flight attendant sues Delta Air Lines after firing her for sharing anti-Trump editorial cartoon

An employment discrimination lawsuit filed by a former Delta Air Lines flight attendant says she was fired for posting an image of former President Donald Trump wearing a Ku Klux Klan hood on her personal Facebook page.
2 days ago
...
BOB CHRISTIE, Associated Press

Arizona parents arrested trying to get to locked-down school

Three Arizona parents have been arrested after trying to force their way onto an elementary school campus to protect their children during a lockdown.
2 days ago
(Courtesy: Rick Haley)...
Zoe Sottile, CNN

Missing Missouri dog was finally found, 500 feet underground in an intricate cave system

Two cave explorers found a dog who had been missing for about two months in a cave system in Missouri.
2 days ago

Sponsored Articles

tips how to quit smoking...

7 Tips How to Quit Smoking | Quitting Smoking Might be One of the Hardest Things You Ever Do but Here’s Where You Can Start

Quitting smoking cigarettes can be incredibly difficult. Here are 7 tips how to quit smoking to help you on your quitting journey.
Photo: Storyblocks...
Blue Stakes of Utah 811

Blue Stakes of Utah 811: 5 Reasons To Call 811 Before You Dig When Working in Your Yard

Call before you dig. Even at home, you could end up with serious injuries or broken utilities just because you didn't call Blue Stakes of Utah 811.
Days of...
Days of '47 Rodeo

TRIVIA: How well do you know your rodeo? Take this quiz before you go to the Days of ’47!

The Utah Days of ’47 Rodeo presented by Zions Bank is a one-of-a-kind Gold Medal Rodeo being held July 20-23, 25 at 7:30 PM. The Days of ’47 Rodeo How well do you know your rodeo trivia? Take the quiz to test your know-all before heading out to the Days of ’47 Rodeo at the […]
cyber security through multi factor authentication setup...
Les Olson IT

How multi factor authentication setup helps companies stay safe

Multi factor authentication (MFA) setup is an important security measure that every company should implement for their workers. It’s also wise to install it for your personal and home accounts.
...
Lighting Design

Check out these stunning lamps with stained glass shades

Lamps with stained glass shades are statement pieces that are more than simply aesthetic. They also meet a functional requirement: to light up a room.
Address Bar of internet browser shows internet access...
AARP Utah

Utah voters 50+ support increased access to Internet

The AARP surveyed Utah voters aged 50 plus about internet access and if they support the expansion of broadband, especially in rural areas currently lacking it.
Microsoft Exchange Hack Caused By China, US And Allies Say