Jump to content
  • U.S. and key allies accuse China of Microsoft Exchange cyberattacks

    aum

    • 422 views
    • 2 minutes
     Share


    • 422 views
    • 2 minutes

    U.S. and key allies accuse China of Microsoft Exchange cyberattacks

     

    The U.S., NATO and other allies are collectively calling out China for malicious cyberattacks, including a March attack that exploited a flaw in Microsoft's Exchange Server.

     

    Why it matters: It's the first time that NATO, a military alliance founded in 1949 to confront the Soviet Union, has signed onto a formal condemnation of China's cyber activities.

     

    Zoom in: Authorities are detailing more than 50 different techniques that Chinese state-sponsored actors used, and offering up recommended mitigations that businesses and organizations can take.

     

    • The U.S. says that China's Ministry of State Security is using contract hackers to conduct the attacks, many of which are being done for profit, including via ransomware.

     

    • The U.S., NATO, European Union, U.K., Australia, Canada, New Zealand and Japan say they can now, "with high confidence," attribute the March attack using the Exchange flaw to cyberattackers affiliated with China's state security ministry. That attack crippled thousands of computers around the world.


    As part of Monday's announcement, the Justice Department unveiled criminal charges against four Ministry of State Security hackers for a "multiyear campaign targeting foreign governments and entities in key sectors, including maritime, aviation, defense, education, and healthcare in a least a dozen countries."

     

    Between the lines: There are a number of countries that have been blamed for past cyberattacks, including China, Iran, Russia and North Korea.

     

    • The U.S. says Russian government hackers have been known to sometimes also "moonlight" in for-profit attacks, but in this case it was the Chinese military working directly with the attackers.


    What's next: The U.S. says it has raised the concerns with Chinese authorities and said it hasn't ruled out a further response, but also cautioned that no one action is likely to deter China.

     

    • Rather, the administration is pointing to a number of recent steps taken on cybersecurity including executive orders, work with the EU and G7 and new rules for pipeline and other critical infrastructure providers.


    The big picture: NATO leaders last month took their strongest position yet on the threat from China, releasing a communique that characterized Beijing's growing influence, military prowess and assertive behavior as "systemic challenges to the rules-based international order."

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...