China has accused the U.S. of launching cyberattacks on its defense firms by exploiting flaws in Microsoft servers. A Chinese cyber agency claims U.S. hackers breached a military company’s Exchange servers and maintained access for nearly a year. Microsoft is now under renewed scrutiny amid escalating U.S.-China cyberwarfare accusations.

China accuses US of hacking military firms via Microsoft Exchange flaws, escalating tensions in cyber warfare claims. Photo/X.

Published By: Zubair Amin
Published: August 1, 2025 13:28:00 IST

China has accused the US of two major cyberattacks on its military companies, exploiting vulnerabilities in Microsoft Corp.’s email servers to steal sensitive military data and conduct cyberattacks on its defense industry, accordint to a Bloomberg report.

Chinese Military Companies Under Attack Through Microsoft Exchange

In a statement released on Friday, the Cyber Security Association of China claimed that American cyber actors were responsible for two major attacks on Chinese military companies. Although the association did not name the targeted companies, it said the attackers gained control of a key defense firm’s servers by exploiting flaws in Microsoft Exchange, maintaining access for almost a year.

The association, though relatively obscure, operates with backing from the Cyberspace Administration of China, the country’s top internet regulator.

Microsoft in Cross Hairs As US-China Cyberwar Intensifies

This accusation comes amid years of mutual allegations between the two global powers over cyber intrusions. Microsoft, headquartered in Redmond, Washington, has repeatedly pointed fingers at China-based hackers for large-scale breaches involving its Exchange software.

In 2021, Microsoft said a Chinese-linked operation had compromised tens of thousands of Microsoft Exchange servers worldwide. In 2023, another breach involving Exchange reportedly gave hackers access to email accounts belonging to senior US officials. A subsequent US government review sharply criticized Microsoft, citing a “cascade of security failures.”

Microsoft SharePoint Under Chinese Cyber Attack

More recently, Microsoft revealed that Chinese state-backed hackers had also targeted vulnerabilities in SharePoint, its widely used file-sharing platform.

According to reports, the cybersecurity firm that first flagged the latest wave of attacks last month, hackers infiltrated approximately 400 entities, including government agencies and corporations. The actual number of affected organizations may be significantly higher.

The firm added that while most of the victims were in the US, others were located in Mauritius, Jordan, South Africa, and the Netherlands.

In response to the attacks, Microsoft issued a warning in July, urging customers who manage on-premise SharePoint servers, as opposed to cloud-hosted versions, to remain vigilant, citing active targeting by threat actors.

