Daily Management Review

EU, US accuse China of cyberattack through Microsoft Exchange


European Union countries have been hit by cyberattacks from China through a vulnerability in Microsoft's Exchange Server software.

openDemocracy via flickr
openDemocracy via flickr
This put thousands of computers at risk, including in European countries and EU institutions. In this regard, the EU calls on China to take action against cyber-attacks, said a statement by EU High Representative for Foreign Affairs and Security Policy Josep Borrell. U.S. authorities have said attackers linked to China's Ministry of State Security were behind the cyber-attacks through the Exchange Server.

The EU said in a statement that the use of Microsoft Exchange Server by hackers had led to security risks and significant economic losses for public institutions and private companies. Josep Borrell also reported the detection of cyber-attacks by the Advanced Persistent Threat 40 and Advanced Persistent Threat 31 groups from China against state institutions and political organisations in the EU. The attacks were aimed at intellectual property theft and espionage.

The US authorities, along with allies and partners, are "with a high degree of confidence" ready to officially attribute the malicious use of vulnerabilities in Microsoft Exchange to hackers linked to China's Ministry of State Security, a high-ranking US administration official said at a briefing. She said the ministry was deliberately using contract cyber criminals to conduct unauthorised cyber operations around the world for personal gain. "All for the financial gain of PRC government-linked cyber operators," she said (quoted on the White House website).

source: ec.europa.eu, reuters.com