Latest news with #ReutersMicrosoft

Economic Times

Did US use Microsoft bugs to spy on China's military?

Synopsis China accuses the US of exploiting Microsoft's email server vulnerabilities to steal military data and launch cyberattacks on its defense sector. This accusation follows Microsoft's repeated blaming of China for major cyber incidents involving its software, including breaches of Exchange servers and SharePoint. The US embassy has not yet responded to the allegations. Reuters Microsoft logo is seen through broken glass in this illustration taken, January 25, 2023. China accused the US of exploiting a flaw in Microsoft Corp.'s email servers to steal military data and carry out cyberattacks on its defense sector, Bloomberg Cyber Security Association of China, a little-known entity backed by the Cyberspace Administration of China, said Friday that US actors had been linked to two major cyberattacks on Chinese military companies. The attackers allegedly exploited vulnerabilities in Microsoft Exchange to control the servers of a key defense-sector company for nearly a year, it Microsoft has repeatedly blamed China for major cyber incidents tied to its software. In 2021, an alleged Chinese campaign compromised tens of thousands of Microsoft Exchange servers. In 2023, another alleged Chinese breach of Exchange impacted senior US officials' email accounts, prompting a US government review that accused Microsoft of a 'cascade of security failures.' Last month, Microsoft also said state-backed Chinese hacking groups exploited flaws in its SharePoint file-sharing software.'Every nation state in the world carries out offensive cybersecurity campaigns against others,' said Jon Clay, vice president of threat intelligence at Trend Micro. 'I'm assuming at this point, because of the recent SharePoint vulnerability that Microsoft attributed to China, they are coming out and saying, hey, the US has been targeting us with exploits.'The US embassy in Beijing did not immediately respond to Bloomberg's request for comment. Ben Read, director of strategic threat intelligence at noted in a recent blog that China increasingly uses 'public attribution of cyber activities' to pressure Taiwan and shape 'the international dialogue around cybersecurity.' Earlier this year, Beijing accused Taiwan of multiple April, China alleged that three NSA employees hacked the Asian Winter Games in Harbin, targeting systems containing personal information of event participants. While Washington has often named alleged Chinese hackers and filed charges against them, Beijing has historically avoided directly accusing US spies, Bloomberg said.