U.S. issues warning after Microsoft says China hacked its mail server program


The U.S. has issued an emergency warning after Microsoft said it caught China hacking into its mail and calendar server program, called Exchange.

The perpetrator, Microsoft said in a blog post, is a hacker group that the company has "high confidence" is working for the Chinese government and spies primarily on American targets. The latest software update for Exchange blocks the hackers, prompting the U.S. Cybersecurity and Infrastructure Security Agency, or CISA, to issue a rare emergency directive that requires all government networks to install it.

CISA, the U.S.'s primary defensive cybersecurity agency, rarely exercises its authority to demand that the entire U.S. government take steps to protect its cybersecurity. The move was necessary, the agency said, because the Exchange hackers are able "to gain persistent system access." All government agencies have until noon Friday to download the latest software update.

In a separate blog post, Microsoft Vice President Tom Burt wrote that the hackers have recently spied on a wide range of American targets, including disease researchers, law firms and defense contractors.

Burt added that the company had seen no evidence that individual consumers were targeted but emphasized that the hacker group has previously targeted "infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks and NGOs."

Contacted by email, a spokesperson for the Chinese Embassy in Washington referred to recent comments by spokesperson Wang Wenbin.

"China has reiterated on multiple occasions that given the virtual nature of cyberspace and the fact that there are all kinds of online actors who are difficult to trace, tracing the source of cyber attacks is a complex technical issue," Wang said.

"We hope that relevant media and company will adopt a professional and responsible attitude and underscore the importance to have enough evidence when identifying cyber-related incidents, rather than make groundless accusations."

There was no immediate indication that the hack had led to significant exploitation of government computer networks. But the announcement marks the second time in recent months that the U.S. has scrambled to address a widespread hacking campaign believed to be the work of foreign government spies.

The U.S. is still sussing out the damage after hackers suspected of being Russian broke into a software management company, SolarWinds, and used the breach to hack nine federal agencies and about 100 private companies, White House deputy national security adviser Anne Neuberger said in February.

As the developer behind the most popular operating system in the world, Windows, Microsoft is regarded by Western cybersecurity experts as having exceptional insight into global hacking campaigns.

The campaign gave the hackers access not only to the victims' emails and calendar invitations but also to their entire networks, Microsoft said. The hackers used four distinct "zero-day" exploits, which are rare digital tools that get their name because software developers are unaware of them, giving them no days to prepare fixes.

ESET, a Slovakian cybersecurity company, said on Twitter that its researchers had seen multiple hacker groups, not just the one Microsoft named in its announcement, that were also exploiting some of the same vulnerabilities in older versions of Exchange.

