The U.S. and a coalition of allies on Monday formally attributed the sweeping campaign against Microsoft Exchange email servers to hackers affiliated with China’s Ministry of State Security. From a report: The group assessed with “high confidence” that Beijing-linked digital operators carried out the attack that ensnared hundreds of thousands of systems worldwide, a senior Biden administration official told reporters on Sunday. In addition, the partners alleged the ministry — which oversees the civilian arm of Beijing’s intelligence gathering operations — has utilized contract hackers to conduct other malicious cyber activities around the globe, including a ransomware attack on an American company, and other pursuits to line the pockets of MSS officials.
The use of such hired muscle “was really eye-opening and surprising for us,” said the official, who was only authorized to speak anonymously. The coalition includes the U.S., the so-called “Five Eye” nations, Japan, the European Union and NATO. Monday’s announcement marks the first time the transatlantic alliance has condemned Chinese digital activities, the official said. The massive Exchange hack was first disclosed in March — at the same time the Biden administration was dealing with the SolarWinds breach that has since been formally attributed to Russia’s foreign intelligence service.