U.S., NATO, and EU can blame China for the cyberattack on Microsoft

July 20, 2021:-A new alliance made up of NATO member states, the European Union, Australia, New Zealand, and Japan are coming together to confront the global threat posed by Chinese state-sponsored cyberattacks. On Monday, in its first joint action, the alliance will publicly blame the Ministry of State Security of China for a massive cyberattack on Microsoft Exchange email servers this year.

The attack was carried out by criminal contract hackers working for the MSS, and they also engage in cyber-enabled extortion and ransomware, the official said.

The group will share intelligence on cyber threats and collaborate on network defenses and security, said a senior Biden administration official who has requested anonymity to discuss a national security effort.

On Monday, the FBI, National Security Agency, and Cybersecurity and Infrastructure Security Agency released a new advisory that lists 50 tactics, techniques, and procedures that Chinese state-sponsored hackers employ.

The brazen Microsoft Exchange server attack went public in March and will hit nearly 30,000 American organizations and hundreds of thousands more all over the world.

Microsoft identified the group behind the hack as a relatively unknown Chinese espionage network dubbed Hafnium.

By now, the U.S has stopped short of publicly blaming Beijing for the attack.

The delay in naming China was partly to give investigators time to assemble the evidence to prove that the Hafnium hackers were on the Chinese state payroll, the official said.

It was also crucial for the U.S to act in concert with its allies when it made the public attribution, said the official.

When cyber warfare is becoming the front line in a global power struggle amid democracies and autocratic states, the new cybersecurity alliance could be a model for future efforts to confront transnational threats.

Monday’s joint announcements build on President Joe Biden’s effort earlier this summer to rally support among NATO and EU allies for a more aggressive approach to China.

They also come in the increasing number of economic and diplomatic sanctions the Biden administration has imposed on Beijing this year in response to alleged human rights abuses in Hong Kong and Xinjiang provinces.

On Friday, the U.S sanctioned seven Chinese officials in response to Beijing’s crackdown on Hong Kong’s democratic institutions.

The U.S. also issued a business advisory warning U.S. firms of potential data and privacy breaches by the Chinese government to continue doing business in Hong Kong.

For now, the recently launched cybersecurity alliance is focused on cooperative security and threat alerts and not on retaliation.

The White House has raised the Microsoft attacks with senior members of the Chinese government, “making clear that the actions threaten security, confidence, and stability in cyberspace,” the senior official said.