UK accuses China of hacking Microsoft Exchange Server

The British government has officially held responsibility for the Microsoft Exchange Server cyberattack at China’s feet.

on Monday, The government has joined others -Including victims The company itself, Microsoft-Cyberattacks claimed to be the work of China’s state-owned hacker, Hafnium, a highly persistent threat (APT) group.

Foreign Minister Dominic Raab regarded the attack “by a Chinese state-owned group” as a “reckless but familiar pattern of behavior.”

“The Chinese government needs to end this systematic cyber nuisance and can be expected to be held. [to] If not, create an account, “Raab added.

Suspicious activity related to finding four zero-day vulnerabilities on-premises Microsoft Exchange Server Discovered earlier this year.

In March, the Redmond Giants issued an emergency patch to mitigate the threat to their customers. However, the vulnerabilities (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) were exploited, endangering an estimated 30,000 organizations in the United States alone.

The European Banking Authority was one of the most notable victims of this attack.

After the incident, the malware was found above 2000 machines It belongs to a British company.

The British government believes the attack was most likely due to a “massive espionage” involving theft of information and intellectual property.

In addition, the British authorities said that the Chinese Ministry of Homeland Security APT40 (TEMP.Periscope / TEMP.Jumper / Leviathan) and APT31 (Judgment of Panda / Zirconium / Red Keres).

According to the National Cyber ​​Security Center (NCSC), APT40 is responsible for the US and European maritime industry and naval contractors, and is confident that the Chinese Department of Homeland Security is supporting this group. I’m evaluating it. It works according to the requirements of the major Chinese State Intelligence Service. ”

In addition, the NCSC states that APT31 is responsible for targeting governments and politicians. Finnish Parliament, 2020.

“”[The] The NCSC is almost certain that APT31 is a member of the Chinese state, and it is likely that APT31 is a group of contractors working directly with the Chinese Department of Homeland Security. ”

“The Chinese government instead ignored repeated calls to end its reckless campaign. [of] “We are allowing state-backed officials to scale up the attack and act recklessly when arrested,” a British official said. , Personal data, and the commercial interests of those who are trying to partner. ”

The government is also urging China to stop attempts to carry out or support the theft of intellectual property and corporate secrets through cyberattacks.In addition, the White House Make a statement Criticize China’s alleged actions.

Previous and related coverage

---

Do you have any hints? Securely contact via WhatsApp | +447713 025 499, or key-based signal: charlie0

---