British foreign secretary says Beijing will be held to account if it does not stop ‘systematic cyber sabotage’ In early March, Microsoft released a patch to Exchange after discovering hackers were stealing email communications. Photograph: Omar Marques/SOPA Images/Rex/Shutterstock Dan Sabbagh Mon 19 Jul 2021 https://www.theguardian.com/world/2...use-chinese-state-backed-group-microsoft-hack Britain and its allies have formally accused Chinese state-based hacking groups of being behind the exploitation of an estimated 250,000 Microsoft Exchange servers worldwide earlier this year. The UK foreign secretary said the cyber-attack amounted to “a reckless but familiar pattern of behaviour”, in an announcement released on Monday. Dominic Raab called on Beijing to “end this systematic cyber sabotage” and said it “can expect to be held to account if it does not”, as the UK steps up complaints about Chinese hacking. In early March, Microsoft released a patch to Exchange after discovering that hackers were stealing email communications from internet-facing systems running its business software. At the time Microsoft said the hacking was conducted by a Chinese group called Hafnium but did not say whether it believed the Chinese state was behind it. Monday’s announcement marks a formal attribution of responsibility by the west. Britain’s National Cyber Security Centre, an arm of GCHQ, said it was “highly likely that Hafnium is associated with the Chinese state”. It is believed the group is supported, sustained and directed by China’s powerful ministry of state security and is part of a wider pattern of the ministry’s directed activity that also includes other specialist hacker groups. Further announcements by other countries are expected shortly. Companies were advised to implement Microsoft patches if they had not already done so; 8% of firms had not done so by the end of March, according to Microsoft.
And here... https://www.wsj.com/articles/biden-...crosoft-cyberattack-spree-11626692401?mod=mhp .....“The Microsoft Exchange hacks by MSS contractors is the most reckless cyber operation we have yet seen from the Chinese actors—much more dangerous than the Russian SolarWinds hacks,” said Mr. Alperovitch, referring to the widespread cyber-espionage campaign detected last December that, along with other alleged activities, prompted a suite of punitive measures against Moscow. Mr. Alperovitch criticized the lack of any sanctions or other responses beyond public statements being levied against China and said it raised questions about why Beijing appeared to be evading harsher penalties, especially compared with those slapped on Russia. “Failure to sanction any PRC-affiliated actors has been one of the most prolific and baffling failures of our China policy that has transcended administrations,” Mr. Alperovitch said, referring to the People’s Republic of China. Monday’s public shaming without further punishment “looks like a double standard compared with actions against Russian actors. We treat China with kid gloves.” The senior administration official said the Biden administration was aware that no single action was capable of changing the Chinese government’s malicious cyber behavior, and that the focus was on bringing countries together in a unified stance against Beijing. The list of nations condemning China on Monday was “unprecedented,” the official said, noting it was the first time NATO itself had specifically done so. “We’ve made clear that we’ll continue to take actions to protect the American people from malicious cyber activity, no matter who’s responsible,” the official said. “And we’re not ruling out further actions to hold the PRC accountable.”