US Government, NATO accuse China of Microsoft Exchange attacks

Posted:
in General Discussion
The Microsoft Exchange hack and many other attacks were caused by gangs working with the Chinese government, the Biden administration and NATO claim.




In March, Microsoft disclosed that Microsoft Exchange Server was the target of attacks, which it believed were conducted by a hacking group in China known as Hafnium. According to the White House and a UK security agency, it appears that the attacks were partly orchestrated by the Chinese government.

On Monday, the Biden administration sent an alert to government bodies and private companies holding China responsible for the attacks,reports the Financial Times. The attacks included thefts and extortion, as well as ransomware instances with demands in the millions of dollars.

Allies of the U.S. around the world have also issued their own warnings, including the UK's National Cyber Security Centre, which is part of the country's main national security agency, GCHQ.

"The attack on Microsoft Exchange servers is another serious example of a malicious act by Chinese state-backed actors in cyberspace," said NCSC Director of Operations Paul Chichester. "This kind of behavior is completely unacceptable, and alongside our partners we will not hesitate to call it out when we see it."

NCSC claim the Exchange attacks was "highly likely to enable large-scale espionage," including acquiring information on individuals as well as to acquire intellectual property.

A senior administration official said China's "Ministry of State Security uses criminal contract hackers to conduct unsanctioned cyber operations globally, including for their own personal profit. Their operations include criminal activities, such as cyber-enabled extortion, crypto-jacking and theft from victims around the world for financial gain."

Alongside the announcement, the U.S. Department of Justice said on Monday that a federal grand jury in San Diego, California, indicted four nationals and residents of the People's Republic of China for hacking computer systems in the United States and abroad between 2011 and 2018. The indictment occurred in May, but was unsealed on Friday.

According to the indictment, the conspiracy's main theft was for IP of "significant economic benefit to China's companies and commercial sectors," including research and development efforts.

The group worked to steal trade secrets and confidential business information across many industries, including submersible and autonomous vehicle technologies, chemical formulas, genetic sequencing technology, and information "to support China's efforts to secure contracts for state-owned enterprises" in other countries.

Each of the four defendants are charged with a count of conspiracy to commit computer fraud and a count of conspiracy to commit economic espionage, which carry maximum prison sentences of 5 years and 15 years respectively.

Read on AppleInsider
«134

Comments

  • Reply 1 of 67
    KuyangkohKuyangkoh Posts: 728member
    Then why are government agency computers and private servers are not protected? Specially those that are important…..we all know that they will steal even our shit…..5-10 years is nothing, make that life time or death penalty 
    qwerty52watto_cobra
  • Reply 2 of 67
    sdw2001sdw2001 Posts: 17,668member
    Kuyangkoh said:
    Then why are government agency computers and private servers are not protected? Specially those that are important…..we all know that they will steal even our shit…..5-10 years is nothing, make that life time or death penalty 
    Nothing is fully protected.  Hackers get through protection all the time.  And dude, the death penalty? Get a grip. 
    uraharawatto_cobra
  • Reply 3 of 67
    crowleycrowley Posts: 8,715member
    Kuyangkoh said:
    Then why are government agency computers and private servers are not protected? Specially those that are important…..we all know that they will steal even our shit…..5-10 years is nothing, make that life time or death penalty 
    Executing foreign nationals is unlikely to improve relations.
    tmaytokyojimuurahara
  • Reply 4 of 67
    DAalsethDAalseth Posts: 1,712member
    Kuyangkoh said:
    Then why are government agency computers and private servers are not protected? Specially those that are important…..we all know that they will steal even our shit…..5-10 years is nothing, make that life time or death penalty 
    The penalty is moot. These people will never leave China and so never be prosecuted. As far as protection, they are. It's an ongoing battle between the good guys and the bad guys. One puts up security, the other finds ways to get around it. The first strengthens the security, the second finds new holes. The only computer that cannot be hacked is off. 
    p-dogwatto_cobrajony0
  • Reply 5 of 67
    avon b7avon b7 Posts: 5,901member
    DAalseth said:
    Kuyangkoh said:
    Then why are government agency computers and private servers are not protected? Specially those that are important…..we all know that they will steal even our shit…..5-10 years is nothing, make that life time or death penalty 
    The penalty is moot. These people will never leave China and so never be prosecuted. As far as protection, they are. It's an ongoing battle between the good guys and the bad guys. One puts up security, the other finds ways to get around it. The first strengthens the security, the second finds new holes. The only computer that cannot be hacked is off. 
    As global networking has moved further down into virtually always on CE devices and platforms, I'm beginning to doubt the quality of varying codebases.

    I agree with you that holes will be found, exploited and fixed in a game of cat and mouse but I have a suspicion that software design and quality out of the gate just isn't as strong as it should be.

    For decades now, essential pieces of the networking puzzle like routers have been seriously lacking in resources. About ten years ago I was working on a project involving worm signatures and one of the biggest problems was there just weren't enough resources available on devices to provide a decent solution without seriously impacting performance.

    In other areas, the breakneck speed at which new services are updated on Android and iOS is probably one of the reasons why these kinds of errors get exploited before they are found and fixed.

    It's just a sensation, though. 
    edited July 19 DAalseth
  • Reply 6 of 67
    Microsoft OS is the worst OS in the world. Why these people don't know this fact? IBM PC users have been buying anti-virus software for decades. This is a necessity for Windows users. Why? Because hackers have been inflicting harm on IBM PC users. Do we execute them? I have not users any anti-virus on my Macs. I have received many spam emails trying to steal from me. Do we execute the senders? 
  • Reply 7 of 67
    65026502 Posts: 376member
    Microsoft OS is the worst OS in the world. Why these people don't know this fact? IBM PC users have been buying anti-virus software for decades. This is a necessity for Windows users. Why? Because hackers have been inflicting harm on IBM PC users. Do we execute them? I have not users any anti-virus on my Macs. I have received many spam emails trying to steal from me. Do we execute the senders? 
    IBM got out of the PC business 16 years ago. Windows 10 is actually quite usable. I don't use any anti-virus software except for the built-in Windows Defender.
  • Reply 8 of 67
    6502 said:
    Microsoft OS is the worst OS in the world. Why these people don't know this fact? IBM PC users have been buying anti-virus software for decades. This is a necessity for Windows users. Why? Because hackers have been inflicting harm on IBM PC users. Do we execute them? I have not users any anti-virus on my Macs. I have received many spam emails trying to steal from me. Do we execute the senders? 
    IBM got out of the PC business 16 years ago. Windows 10 is actually quite usable. I don't use any anti-virus software except for the built-in Windows Defender.
    There are still lots of PC users not using Windows 10.
  • Reply 9 of 67
    Intellectual Property wasn’t the only thing they hacked into. We will soon see that a “certain brand” of voting machine was also hacked on November 3, 2020. This article is just an attempt to lay blame based on what is already known. Stay tuned…
  • Reply 10 of 67
    crowleycrowley Posts: 8,715member
    6502 said:
    Microsoft OS is the worst OS in the world. Why these people don't know this fact? IBM PC users have been buying anti-virus software for decades. This is a necessity for Windows users. Why? Because hackers have been inflicting harm on IBM PC users. Do we execute them? I have not users any anti-virus on my Macs. I have received many spam emails trying to steal from me. Do we execute the senders? 
    IBM got out of the PC business 16 years ago. Windows 10 is actually quite usable. I don't use any anti-virus software except for the built-in Windows Defender.
    There are still lots of PC users not using Windows 10.
    Do we execute them?
  • Reply 11 of 67
    Rayz2016Rayz2016 Posts: 6,957member
    Intellectual Property wasn’t the only thing they hacked into. We will soon see that a “certain brand” of voting machine was also hacked on November 3, 2020. This article is just an attempt to lay blame based on what is already known. Stay tuned…
    He lost. Get over it. Just be thankful he’s not doing time. 
    edited July 19 muthuk_vanalingamtmayGeorgeBMacuraharawatto_cobrajony0
  • Reply 12 of 67
    crowleycrowley Posts: 8,715member
    Intellectual Property wasn’t the only thing they hacked into. We will soon see that a “certain brand” of voting machine was also hacked on November 3, 2020. This article is just an attempt to lay blame based on what is already known. Stay tuned…
    Hi Q!  
    tmayjony0
  • Reply 13 of 67
    crowley said:
    6502 said:
    Microsoft OS is the worst OS in the world. Why these people don't know this fact? IBM PC users have been buying anti-virus software for decades. This is a necessity for Windows users. Why? Because hackers have been inflicting harm on IBM PC users. Do we execute them? I have not users any anti-virus on my Macs. I have received many spam emails trying to steal from me. Do we execute the senders? 
    IBM got out of the PC business 16 years ago. Windows 10 is actually quite usable. I don't use any anti-virus software except for the built-in Windows Defender.
    There are still lots of PC users not using Windows 10.
    Do we execute them?
    Poor reading skill.  :s
  • Reply 14 of 67
    crowleycrowley Posts: 8,715member
    crowley said:
    6502 said:
    Microsoft OS is the worst OS in the world. Why these people don't know this fact? IBM PC users have been buying anti-virus software for decades. This is a necessity for Windows users. Why? Because hackers have been inflicting harm on IBM PC users. Do we execute them? I have not users any anti-virus on my Macs. I have received many spam emails trying to steal from me. Do we execute the senders? 
    IBM got out of the PC business 16 years ago. Windows 10 is actually quite usable. I don't use any anti-virus software except for the built-in Windows Defender.
    There are still lots of PC users not using Windows 10.
    Do we execute them?
    Poor reading skill.  :s
    Poor joke detection skill.
    Japheytmayurahara
  • Reply 15 of 67
    crowley said:
    crowley said:
    6502 said:
    Microsoft OS is the worst OS in the world. Why these people don't know this fact? IBM PC users have been buying anti-virus software for decades. This is a necessity for Windows users. Why? Because hackers have been inflicting harm on IBM PC users. Do we execute them? I have not users any anti-virus on my Macs. I have received many spam emails trying to steal from me. Do we execute the senders? 
    IBM got out of the PC business 16 years ago. Windows 10 is actually quite usable. I don't use any anti-virus software except for the built-in Windows Defender.
    There are still lots of PC users not using Windows 10.
    Do we execute them?
    Poor reading skill.  :s
    Poor joke detection skill.
    It is not funny. 
  • Reply 16 of 67
    crowleycrowley Posts: 8,715member
    crowley said:
    crowley said:
    6502 said:
    Microsoft OS is the worst OS in the world. Why these people don't know this fact? IBM PC users have been buying anti-virus software for decades. This is a necessity for Windows users. Why? Because hackers have been inflicting harm on IBM PC users. Do we execute them? I have not users any anti-virus on my Macs. I have received many spam emails trying to steal from me. Do we execute the senders? 
    IBM got out of the PC business 16 years ago. Windows 10 is actually quite usable. I don't use any anti-virus software except for the built-in Windows Defender.
    There are still lots of PC users not using Windows 10.
    Do we execute them?
    Poor reading skill.  :s
    Poor joke detection skill.
    It is not funny. 
    I disagree. 
    tmayurahara
  • Reply 17 of 67
    Just another government nut job accusing the good people of China of nefarious deeds.  Obvious bunk is obvious.  We've heard it before.  It was bunk then, and it's bunk now.

    /s
    tmaywatto_cobra
  • Reply 18 of 67
    crowley said:
    crowley said:
    crowley said:
    6502 said:
    Microsoft OS is the worst OS in the world. Why these people don't know this fact? IBM PC users have been buying anti-virus software for decades. This is a necessity for Windows users. Why? Because hackers have been inflicting harm on IBM PC users. Do we execute them? I have not users any anti-virus on my Macs. I have received many spam emails trying to steal from me. Do we execute the senders? 
    IBM got out of the PC business 16 years ago. Windows 10 is actually quite usable. I don't use any anti-virus software except for the built-in Windows Defender.
    There are still lots of PC users not using Windows 10.
    Do we execute them?
    Poor reading skill.  :s
    Poor joke detection skill.
    It is not funny. 
    I disagree. 
    I am a peace loving people. 
  • Reply 19 of 67
    crowleycrowley Posts: 8,715member
    crowley said:
    crowley said:
    crowley said:
    6502 said:
    Microsoft OS is the worst OS in the world. Why these people don't know this fact? IBM PC users have been buying anti-virus software for decades. This is a necessity for Windows users. Why? Because hackers have been inflicting harm on IBM PC users. Do we execute them? I have not users any anti-virus on my Macs. I have received many spam emails trying to steal from me. Do we execute the senders? 
    IBM got out of the PC business 16 years ago. Windows 10 is actually quite usable. I don't use any anti-virus software except for the built-in Windows Defender.
    There are still lots of PC users not using Windows 10.
    Do we execute them?
    Poor reading skill.  :s
    Poor joke detection skill.
    It is not funny. 
    I disagree. 
    I am a peace loving people. 
    I never said you wasn't.  Are you equating having a sense of humour with violence?
  • Reply 20 of 67
    GeorgeBMacGeorgeBMac Posts: 10,260member
    The Microsoft Exchange hack and many other attacks were caused by gangs working with the Chinese government, the Biden administration and NATO claim.

    Actually, NATO didn't claim that.   Aside from the usual crowd of the U.S., Britain and Canada, others are saying that Chinese hackers did some bad things -- but they are not attributing it to the Chinese government.

    From Reuters:

    "While a flurry of statements from Western powers represent a broad alliance, cyber experts said the lack of consequences for China beyond the U.S. indictment was conspicuous. Just a month ago, summit statements by G7 and NATO warned China and said it posed threats to the international order.

    Adam Segal, a cybersecurity expert at the Council on Foreign Relations in New York, called Monday's announcement a "successful effort to get friends and allies to attribute the action to Beijing, but not very useful without any concrete follow-up."

    Some of Monday's statements even seemed to pull their punches. While Washington and its close allies such as the United Kingdom and Canada held the Chinese state directly responsible for the hacking, others were more circumspect.

    NATO merely said that its members "acknowledge" the allegations being leveled against Beijing by the U.S., Canada, and the UK. The European Union said it was urging Chinese officials to rein in "malicious cyber activities undertaken from its territory" - a statement that left open the possibility that the Chinese government was itself innocent of directing the espionage."

    With the U.S. in full attack mode on China, it puts their allegations / assumptions into question.

    Apparently there was a hack and also a release of information to others on how to exploit it.  But there does not seem to be a consensus that it was initiated and supported by the Chinese government.

    But, regardless, if the hackers were operating independently in China, it is up to China to shut them down -- at least.
    Or, as the EU put it:
    "The European Union said it was urging Chinese officials to rein in "malicious cyber activities undertaken from its territory""



    edited July 19 avon b7
Sign In or Register to comment.