Biden administration blames China for Microsoft Exchange email hack

The US and its allies condemn China's cyberattacks.

Sean Keane Former Senior Writer
Sean knows far too much about Marvel, DC and Star Wars, and poured this knowledge into recaps and explainers on CNET. He also worked on breaking news, with a passion for tech, video game and culture.
Expertise Culture, Video Games, Breaking News
Sean Keane
2 min read
US and Chinese flags

The Biden administration linked China to the Microsoft Exchange email server software hack.

Photo Illustration by Budrul Chukrut/SOPA Images/LightRocket via Getty Images

The Biden administration on Monday blamed China for the cyberattack on the Microsoft Exchange email server software earlier this year. It said hackers linked to China's Ministry of State Security exploited vulnerabilities to "compromise tens of thousands of computers and networks worldwide."

Emails were stolen from a vast array of organizations in the Microsoft software hack, including infectious disease researchers, law firms, defense contractors, higher education institutions and nongovernmental groups.

The Ministry of State Security has gathered "an ecosystem of criminal contract hackers" to work on its behalf and for their own profit, Secretary of State Antony Blinken said in a release.

"These contract hackers cost governments and businesses billions of dollars in stolen intellectual property, ransom payments, and cybersecurity mitigation efforts, all while the MSS had them on its payroll," he said.

The US joined with the EU, the UK, Australia, Canada, New Zealand, Japan and NATO to criticize China's "malicious cyber activities."

"Attributions like these will help the international community ensure those behind indiscriminate attacks are held accountable," Tom Burt, Microsoft's corporate vice president for customer security and trust, said in a statement emailed to CNET. "The governments involved in this attribution have taken an important and positive step that will contribute to our collective security. Transparency is critical if we're to combat the rising cyberattacks we see across the planet against individuals, organizations and nations."

Separately, the Justice Department on Monday announced charges against four Chinese nationals who allegedly worked with the ministry in a hacking campaign that ran from 2011 to 2018. It targeted companies, universities and government entities, with the goal of stealing intellectual property and business information to help out Chinese companies.

The FBI, NSA and Cybersecurity and Infrastructure Security Agency also published techniques used by Chinese government-linked hackers.