The U.S. government and its key allies, including the European Union, the U.K., and NATO, formally attributed the massive cyberattack against Microsoft Exchange email servers to state-sponsored hacking crews working affiliated with the People’s Republic of China’s Ministry of State Security (MSS).
In a statement issued by the White House on Monday, the administration said, “with a high degree of confidence that malicious cyber actors affiliated with PRC’s MSS conducted cyber-espionage operations utilizing the zero-day vulnerabilities in Microsoft Exchange Server disclosed in early March 2021. The U.K. government accused Beijing of a “pervasive pattern of hacking” and “systemic cyber sabotage.”
The sweeping espionage campaign exploited four previously undiscovered vulnerabilities in Microsoft Exchange software and is believed to have hit at least 30,000 organizations in the U.S. and hundreds of thousands more worldwide. Microsoft identified the group behind the hack as a skilled…