Microsoft Exchange servers targeted by China in a cyber attack

In a major attack on Microsoft Exchange servers in early 2021, the EU, US and UK have accused China of carrying out a cyber attack, which affected over 30,000 organisations around the world. Chinese state-backed actors have been accused by the UK, while the EU point the finger at attackers from the territory of China. China had always denied involvement in hacking and espionage, and has positioned themselves as opposing cyber crime. The Chinese Ministry of State Security has also been accused of espionage activity, an accusation that they deny. To date, this is attack on Microsoft Exchange servers is the most serious cyber crime to have come out of China.

With the attack on Microsoft Exchange servers, hackers were able to exploit a vulnerability that allowed backdoors to be placed within the system, allowing them access. This attack enabled hackers to access personal information and intellectual property held inside the secure servers. It is thought the attacks were from a series of hacking groups, using these backdoors, which left the servers vulnerable to ransomware attacks.

As regards to Microsoft Exchange users in the UK, the National Cyber Security Centre had issued advice to over 70 organisations to be on the lookout for evidence of hacking. The White House is also concerned about these attacks, which they indirectly accuse China of helping to implement. The EU stated that this attack had resulted in security risk that had lead to an economic serious loss for both government and private companies.

China has denied any involvement in these hacks and there is no sign of any economic sanctions being made against China. This is in far contrast to the SolarWinds hack, that originated out of Russia, where new sanctions have been implemented as a result.