The big picture: The Biden government released a statement claiming with "high confidence" that China had exploited Microsoft Exchange vulnerabilities to gain access to classified information. The White House has already confronted the Chinese government over this and other related malicious cyber actions, citing how these actions build trust and stability in cyberspace.
In early March, vulnerabilities in Microsoft Exchange gave unwanted access to more than 30,000 US government and commercial organizations. These "vulnerabilities" were exploited by "at least 10 hacker groups" and allowed them to remotely control servers through a web browser. By the end of March, most Microsoft Exchange servers had been patched against these vulnerabilities.
According to the Biden administration, hackers from China's Ministry of Public Security (MSS) have exploited vulnerabilities in Exchange servers to exploit ransomware attacks and cyber extortion. -Include encryption and theft classification of victims around the world. This resulted in billions of dollars in lost intellectual property, proprietary information, ransom and deductions. White House statement from US allies and partners, including the European Union, UK and NATO In addition to the White House, the US Department of Justice also announced that four people working for China's MSS have been attacked for attacking several entities. The organization is accused of targeting the aerospace, defense, education, government, health, biopharma and marine industries between 2011 and 2018. The others.
< p Scheduling critical events from vulnerabilities to widespread exploitation
The British National Cyber Security Center (NCSC) and the Council of the European Union have also released malicious statements about China's cyber activities and state support. United against these attacks. The United States is ramping up the USG's cyber defense in response to attacks that exploit vulnerabilities in Microsoft Exchange. First steps include ensuring that cyber actors do not have access to public and private networks, and adding private companies to the new US government's model for responding to cyber incidents. Cyber Security Advice "Details electronic technologies used by China-backed hackers to target US and allied networks, including those used to exploit Exchange Server vulnerabilities." To further protect federal networks and improve cybersecurity in the United States, the federal government budget has updated Network Defenses implementing President Biden's directives and issuing a directive requiring major pipeline companies to meet cybersecurity standards. Image and documentation credit: Alejandro Luingo, ESET
Biden says China is to blame for Microsoft Exchange cyber attacks