.png){kind=logo}
Tensions between the US and China have erupted once again, with Microsoft in the middle of a re-emerging cyber espionage battle. According to a Bloomberg report, China has blamed American actors for exploiting weaknesses in Microsoft’s email program to spy on its military networks.
The Cyber Security Association of China, supported by the nation’s Cyberspace Administration, leveled the accusations. The association says that US-based hackers conducted two significant cyberattacks on unidentified Chinese defense-linked companies by exploiting vulnerabilities in Microsoft Exchange servers. The hackers reportedly had access to the servers of a major defense contractor for almost a year.
This isn’t the tech giant's first time at the center of a geopolitical cyber blame game. While the company has pointed fingers at China for several major cyberattacks in the past, such accusations have been cast. In 2021, a great campaign, whose ability to compromise the servers of probably tens of thousands across the world was alleged to have been done by Chinese state-linked hackers, targeted Microsoft Exchange.
Once again in 2023, Chinese actors were found guilty of compromising email accounts of senior US government officials by exploiting Microsoft Exchange vulnerabilities. The then-US administration called it a ‘significant breach’ and condemned Beijing for its ongoing cyber intrusions.
The cyber war didn’t stop with Exchange. More recently, the company alleged that Chinese state-sponsored attackers had taken advantage of its SharePoint file-sharing platform’s vulnerabilities, labeling it as one of the most significant security breaches ever in the platform.
The attackers obtained sensitive information from nearly 400 worldwide organizations, including several US government agencies. Victims were distributed globally, with the US suffering the most, followed by Mauritius, Jordan, South Africa, and the Netherlands.
The tech leader responded by issuing out-of-band security patches and requesting that all on-premise SharePoint users apply the updates as soon as possible.
Also Read: Opera vs Microsoft: Battle Over Browser Fairness Reignites in Brazil
In response to Microsoft’s allegations, China has fought back. A Chinese Embassy spokesman, in a statement, said, “China firmly opposes and combats all forms of cyberattacks and cybercrime.”
The embassy did not specifically respond to the SharePoint claims but maintained that Beijing has always espoused more cooperation on global cybersecurity governance.
