China has accused the US of two major cyberattacks on its military companies, exploiting vulnerabilities in Microsoft Corp.’s email servers to steal sensitive military data and conduct cyberattacks on its defense industry, accordint to a Bloomberg report.
Chinese Military Companies Under Attack Through Microsoft Exchange
In a statement released on Friday, the Cyber Security Association of China claimed that American cyber actors were responsible for two major attacks on Chinese military companies. Although the association did not name the targeted companies, it said the attackers gained control of a key defense firm’s servers by exploiting flaws in Microsoft Exchange, maintaining access for almost a year.
The association, though relatively obscure, operates with backing from the Cyberspace Administration of China, the country’s top internet regulator.
Also Read: Canva Down: Users Report Outage, Real-Time Status Shows Service Disruptions Worldwide
Microsoft in Cross Hairs As US-China Cyberwar Intensifies
This accusation comes amid years of mutual allegations between the two global powers over cyber intrusions. Microsoft, headquartered in Redmond, Washington, has repeatedly pointed fingers at China-based hackers for large-scale breaches involving its Exchange software.
In 2021, Microsoft said a Chinese-linked operation had compromised tens of thousands of Microsoft Exchange servers worldwide. In 2023, another breach involving Exchange reportedly gave hackers access to email accounts belonging to senior US officials. A subsequent US government review sharply criticized Microsoft, citing a “cascade of security failures.”
Microsoft SharePoint Under Chinese Cyber Attack
More recently, Microsoft revealed that Chinese state-backed hackers had also targeted vulnerabilities in SharePoint, its widely used file-sharing platform.
According to reports, the cybersecurity firm that first flagged the latest wave of attacks last month, hackers infiltrated approximately 400 entities, including government agencies and corporations. The actual number of affected organizations may be significantly higher.
The firm added that while most of the victims were in the US, others were located in Mauritius, Jordan, South Africa, and the Netherlands.
In response to the attacks, Microsoft issued a warning in July, urging customers who manage on-premise SharePoint servers, as opposed to cloud-hosted versions, to remain vigilant, citing active targeting by threat actors.
Also Read: Is Elon Musk About To Replace Siri With Grok In A Game-Changing Apple Deal? Here Is What We Know
