November 23, 2024 02:47 (IST)
Follow us:
facebook-white sharing button
twitter-white sharing button
instagram-white sharing button
youtube-white sharing button
'Third World War has begun:' Ex-Ukraine military commander-in-chief Valery Zaluzhny | UK-India Free Trade Agreement negotiations to resume in early 2024 | UK can arrest Benjamin Netanyahu if he visits country based on ICC warrant | Centre to send over 10,000 additional soldiers to violence-hit Manipur amid fresh violence | Chhattisgarh: 10 Maoists killed during encounter with security forces in Sukma
Microsoft accuses China of e-mail server cyber attack, Beijing says it combats cyber attacks in all forms
Chinese hackers
Image: Unsplash

Microsoft accuses China of e-mail server cyber attack, Beijing says it combats cyber attacks in all forms

| @indiablooms | 05 Mar 2021, 11:20 am

IT giant Microsoft recently claimed a group of hackers linked to China hacked into its popular email service that allowed them to gain access to computers.

"Today, we’re sharing information about a state-sponsored threat actor identified by the Microsoft Threat Intelligence Center (MSTIC) that we are calling Hafnium. Hafnium operates from China, and this is the first time we’re discussing its activity. It is a highly skilled and sophisticated actor," Microsoft said in a blog post.

Historically, Hafnium primarily targets entities in the United States for the purpose of exfiltrating information from a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks and NGOs, the IT company claimed.

"While Hafnium is based in China, it conducts its operations primarily from leased virtual private servers (VPS) in the United States," the company said.

"Recently, Hafnium has engaged in a number of attacks using previously unknown exploits targeting on-premises Exchange Server software. To date, Hafnium is the primary actor we’ve seen use these exploits, which are discussed in detail by MSTIC here," it said.

"The attacks included three steps. First, it would gain access to an Exchange Server either with stolen passwords or by using the previously undiscovered vulnerabilities to disguise itself as someone who should have access. Second, it would create what’s called a web shell to control the compromised server remotely. Third, it would use that remote access – run from the U.S.-based private servers – to steal data from an organization’s network," Microsoft said.

China reacted to claims and the country's Foreign Ministry Spokesperson Wang Wenbin said in a statement: "China firmly opposes and combats cyber attacks and cyber theft in all forms. This position is consistent and clear. China has reiterated on multiple occasions that given the virtual nature of cyberspace and the fact that there are all kinds of online actors who are difficult to trace, tracing the source of cyber attacks is a complex technical issue. It is also a highly sensitive political issue to pin the label of cyber attack to a certain government."

"We hope that relevant media and company will adopt a professional and responsible attitude and underscore the importance to have enough evidence when identifying cyber-related incidents, rather than make groundless accusations," he said.

Support Our Journalism

We cannot do without you.. your contribution supports unbiased journalism

IBNS is not driven by any ism- not wokeism, not racism, not skewed secularism, not hyper right-wing or left liberal ideals, nor by any hardline religious beliefs or hyper nationalism. We want to serve you good old objective news, as they are. We do not judge or preach. We let people decide for themselves. We only try to present factual and well-sourced news.

Support objective journalism for a small contribution.
Related Images
Xi Jinping, Putin in Russia 22 Mar 2023, 02:56 pm
Related Videos