November 05, 2024 22:19 (IST)
Follow us:
facebook-white sharing button
twitter-white sharing button
instagram-white sharing button
youtube-white sharing button
Union Minister HD Kumaraswamy booked for threatening cop probing into mining case | Supreme Court upholds validity of Uttar Pradesh Madrasa Education Act | Not all private properties are community resources that govt can take over: Supreme Court | Pakistan's Lahore has become world's most polluted city with an AQI of 1900 on Sunday | Indian Army 'successfully completes' patrolling to a key point in Ladakh's Depsang region
Microsoft accuses China of e-mail server cyber attack, Beijing says it combats cyber attacks in all forms
Chinese hackers
Image: Unsplash

Microsoft accuses China of e-mail server cyber attack, Beijing says it combats cyber attacks in all forms

| @indiablooms | 05 Mar 2021, 11:20 am

IT giant Microsoft recently claimed a group of hackers linked to China hacked into its popular email service that allowed them to gain access to computers.

"Today, we’re sharing information about a state-sponsored threat actor identified by the Microsoft Threat Intelligence Center (MSTIC) that we are calling Hafnium. Hafnium operates from China, and this is the first time we’re discussing its activity. It is a highly skilled and sophisticated actor," Microsoft said in a blog post.

Historically, Hafnium primarily targets entities in the United States for the purpose of exfiltrating information from a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks and NGOs, the IT company claimed.

"While Hafnium is based in China, it conducts its operations primarily from leased virtual private servers (VPS) in the United States," the company said.

"Recently, Hafnium has engaged in a number of attacks using previously unknown exploits targeting on-premises Exchange Server software. To date, Hafnium is the primary actor we’ve seen use these exploits, which are discussed in detail by MSTIC here," it said.

"The attacks included three steps. First, it would gain access to an Exchange Server either with stolen passwords or by using the previously undiscovered vulnerabilities to disguise itself as someone who should have access. Second, it would create what’s called a web shell to control the compromised server remotely. Third, it would use that remote access – run from the U.S.-based private servers – to steal data from an organization’s network," Microsoft said.

China reacted to claims and the country's Foreign Ministry Spokesperson Wang Wenbin said in a statement: "China firmly opposes and combats cyber attacks and cyber theft in all forms. This position is consistent and clear. China has reiterated on multiple occasions that given the virtual nature of cyberspace and the fact that there are all kinds of online actors who are difficult to trace, tracing the source of cyber attacks is a complex technical issue. It is also a highly sensitive political issue to pin the label of cyber attack to a certain government."

"We hope that relevant media and company will adopt a professional and responsible attitude and underscore the importance to have enough evidence when identifying cyber-related incidents, rather than make groundless accusations," he said.

Support Our Journalism

We cannot do without you.. your contribution supports unbiased journalism

IBNS is not driven by any ism- not wokeism, not racism, not skewed secularism, not hyper right-wing or left liberal ideals, nor by any hardline religious beliefs or hyper nationalism. We want to serve you good old objective news, as they are. We do not judge or preach. We let people decide for themselves. We only try to present factual and well-sourced news.

Support objective journalism for a small contribution.
Related Images
Xi Jinping, Putin in Russia 22 Mar 2023, 02:56 pm
Related Videos