Groups Similar Look up By Text Browse About



Similar articles
Article Id Title Prob Score Similar Compare
212326 TECHREPUBLIC 2021-7-19:
US and allies finger China in Microsoft Exchange hack
1.000 Find similar Compare side-by-side
212194 ARSTECHNICA 2021-7-19:
US warns China over state-sponsored hacking, citing mass attacks on Exchange
0.965 0.676 Find similar Compare side-by-side
212426 ZDNET 2021-7-19:
UK and White House blame China for Microsoft Exchange Server hack
0.968 0.654 Find similar Compare side-by-side
212302 ZDNET 2021-7-21:
China dismisses Exchange attribution and accuses US of whitewashing its cyber heists
0.128 0.613 Find similar Compare side-by-side
212428 ZDNET 2021-7-19:
DOJ charges four members of Chinese government hacking group
0.730 0.599 Find similar Compare side-by-side
212524 ARSTECHNICA 2021-7-21:
Home and office routers come under attack by China state hackers, France warns
0.019 0.386 Find similar Compare side-by-side
212329 ZDNET 2021-7-20:
DHS releases new mandatory cybersecurity rules for pipelines after Colonial ransomware attack
0.356 Find similar Compare side-by-side
212432 ZDNET 2021-7-19:
Singapore goes online in hunt for intelligence officers
0.351 Find similar Compare side-by-side
212525 TECHREPUBLIC 2021-7-22:
How cyberattacks exploit known security vulnerabilities
0.339 Find similar Compare side-by-side
212633 ZDNET 2021-7-22:
Attacks on critical infrastructure are dangerous. Soon they could turn deadly, warn analysts
0.334 Find similar Compare side-by-side
212608 ZDNET 2021-7-21:
Japanese government official says Olympic ticket data leaked
0.328 Find similar Compare side-by-side
212297 TECHREPUBLIC 2021-7-20:
Top 5 things to know about supply chain attacks
0.325 Find similar Compare side-by-side
212411 ZDNET 2021-7-16:
Microsoft points the finger at Israeli spyware seller for DevilsTongue attacks
0.324 Find similar Compare side-by-side
212347 TECHREPUBLIC 2021-7-20:
Ransomware: International cooperation is needed to curb these cybersecurity threats, says expert
0.322 Find similar Compare side-by-side
212543 ARSTECHNICA 2021-7-22:
Saudi Aramco confirms data leak after $50 million cyber ransom demand
0.319 Find similar Compare side-by-side
212552 TECHREPUBLIC 2021-7-22:
Kaseya obtains universal decryptor key for recent REvil ransomware attacks
0.319 Find similar Compare side-by-side
212585 TECHREPUBLIC 2021-7-22:
The ransomware risk management calculus is changing for OT, ICS and critical infrastructure
0.310 Find similar Compare side-by-side
212603 ZDNET 2021-7-21:
US House terminates deal with iConstituent after company waited days to raise ransomware alarm
0.309 Find similar Compare side-by-side
212570 ARSTECHNICA 2021-7-22:
Kaseya gets master decryptor to help customers still suffering from REvil attack
0.304 Find similar Compare side-by-side
211992 ZDNET 2021-7-16:
Chinese APT LuminousMoth abuses Zoom brand to target gov't agencies
0.303 Find similar Compare side-by-side
212280 VENTUREBEAT 2021-7-21:
Safe Security raises $33M to manage and mitigate cyber risk
0.300 Find similar Compare side-by-side
212374 TECHREPUBLIC 2021-7-16:
Kaseya attack: How ransomware attacks are like startups and what we need to do about that
0.298 Find similar Compare side-by-side
212521 THEVERGE 2021-7-22:
19 days after REvil’s ransomware attack on Kaseya VSA systems, there’s a fix
0.294 Find similar Compare side-by-side
212063 ZDNET 2021-7-16:
May ransomware blight all the cyber stragglers and let God sort them out
0.294 Find similar Compare side-by-side
212424 ZDNET 2021-7-19:
Kaseya ransomware attack FAQ: What we know now
0.279 Find similar Compare side-by-side

1

ID: 212326

URL: https://www.techrepublic.com/article/us-and-allies-finger-china-in-microsoft-exchange-hack/

Date: 2021-07-19

US and allies finger China in Microsoft Exchange hack

The United States and several allies have officially pointed the finger at China for the recent hack of Microsoft Exchange server as well as an ongoing series of cyberattacks carried out by contract hackers for personal profit. In a statement released on Monday, the White House said it joined with the U.K., the European Union and NATO in denouncing the People's Republic of China's for continued malicious cybercrimes. Cybersecurity: Let's get tactical (free PDF).   (TechRepublic). To start, the U.S. laid the blame on China's doorstep for the recent hack of Microsoft Exchange server. In this incident, cyberattacks targeted organizations running Exchange on premises by exploiting four zero-day vulnerabilities in the software. The U.S. said it attributed these attacks to cyber actors associated with the PRC's Ministry of State Security (MSS) in an operation that compromised tens of thousands of computers and networks around the world. At the time, Microsoft and others attributed the Exchange server hack to a China-based group named Hafnium, which Microsoft said conducts its operations mostly from leased virtual private servers in the U.S. But this marks the first time the U.S. government has officially called out China as responsible for these attacks. Beyond the Exchange incident, the U.S. blamed China for its role in ransomware attacks, cyber-enabled extortion, crypto-jacking and pure theft, impacting victims around the world. Specifically, the White House charged the country's MSS with running an operation of worldwide contract hackers who commit cybercrimes, often for their own personal gain. "PRC government-affiliated cyber operators have conducted ransomware operations against private companies that have included ransom demands of millions of dollars," the White House said. "The PRC's unwillingness to address criminal activity by contract hackers harms governments, businesses and critical infrastructure operators through billions of dollars in lost intellectual property, proprietary information, ransom payments and mitigation efforts. " As one response, the U.S. Department of Justice plans to announce criminal charges against four MSS hackers who targeted governments and other entities across at least 12 countries. According to DOJ documents, hackers for the MSS attempted to steal Ebola virus vaccine research, which the agency said shows that the PRC's theft of intellectual property extends to public health information. The impact of the charges against China ring even stronger as they're coming not just from the U.S. Marking the first time it has criticized the PRC's cybercriminal activity, NATO issued a statement on Monday joining the U.S. and others in attributing responsibility for the Exchange server compromise to the People's Republic of China. The organization said it called on all countries, including China, to act responsibly in the international system, including in cyberspace. In its own statement, the U.K. agreed that China was responsible for the Exchange hack, adding that it also has blamed China's MSS as behind such cyberthreat groups as AP31 and APT40. How to manage passwords: Best practices and security tips (free PDF). (TechRepublic). "Widespread, credible evidence demonstrates that sustained, irresponsible cyber activity emanating from China continues," the U.K. said in its statement. "The Chinese government has ignored repeated calls to end its reckless campaign, instead allowing its state-backed actors to increase the scale of their attacks and act recklessly when caught. " The European Union also charged China with carrying out the Exchange server hack, which affected computers and networks in member states and EU institutions. Further, the EU joined the U.K. in linking China to the APT31 and APT40 groups, which it said run operations for the purpose of intellectual property theft and espionage. With these allies in agreement that China is behind these attacks, the question now is what to do about it. The White House has outlined several measures designed to better defend and protect government agencies and the private sector from compromise. But a more effective strategy would involve multiple nations in a cyber equivalent to NATO. "The most encouraging development here is the possible formation of an allied coalition to establish and defend norms in cyberspace," said Hitesh Sheth, president and CEO at security firm Vectra. "We suffer damage because the cyber sphere lacks the governing protocols that limit, say, chemical and nuclear warfare. If the U.S. can lead a NATO-style coalition of influential nations to stabilize cyberspace, it will likely have long-term security benefits. " Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays