China accused of cyber-attack on Microsoft Exchange servers


The UK, US and EU have accused China of carrying out a major cyber-attack earlier this year.

The attack targeted Microsoft Exchange servers, affecting at least 30,000 organisations globally.

The UK said Chinese state-backed actors were responsible, while the EU said the attack came from
"the territory of China".

The Chinese Ministry of State Security (MSS) was also accused of wider espionage activity and a
broader pattern of "reckless" behaviour.

China has previously denied allegations of hacking and says it opposes all forms of cyber-crime.
The unified call-out of Beijing signals the gravity with which this case has been taken. Western
intelligence officials say aspects of this case are markedly more serious than anything they have
seen before.

The hackers exploited a vulnerability in Microsoft Exchange which allowed backdoors to be placed
on systems that allowed further access.

The UK said the attack was likely to enable large-scale espionage, including the acquisition of
personal information and intellectual property.

The backdoors used by the Chinese group were also exploited by other hacking groups, leaving
systems vulnerable to ransomware attacks and espionage.
Last edited: