
Similar articles
| Article Id | Source | Date | Title | Prob | Score |
|---|---|---|---|---|---|
| 212426 | ZDNET | 2021-7-19 | UK and White House blame China for Microsoft Exchange Server hack | | 1.000 |
| 212194 | ARSTECHNICA | 2021-7-19 | US warns China over state-sponsored hacking, citing mass attacks on Exchange | 0.948 | 0.722 |
| 212326 | TECHREPUBLIC | 2021-7-19 | US and allies finger China in Microsoft Exchange hack | 0.968 | 0.654 |
| 212302 | ZDNET | 2021-7-21 | China dismisses Exchange attribution and accuses US of whitewashing its cyber heists | 0.118 | 0.585 |
| 212428 | ZDNET | 2021-7-19 | DOJ charges four members of Chinese government hacking group | 0.846 | 0.578 |
| 212524 | ARSTECHNICA | 2021-7-21 | Home and office routers come under attack by China state hackers, France warns | | 0.404 |
| 212421 | ZDNET | 2021-7-19 | NSO Group's Pegasus spyware used against journalists, political activists worldwide | | 0.402 |
| 212608 | ZDNET | 2021-7-21 | Japanese government official says Olympic ticket data leaked | | 0.389 |
| 212411 | ZDNET | 2021-7-16 | Microsoft points the finger at Israeli spyware seller for DevilsTongue attacks | | 0.385 |
| 212329 | ZDNET | 2021-7-20 | DHS releases new mandatory cybersecurity rules for pipelines after Colonial ransomware attack | | 0.372 |
| 212543 | ARSTECHNICA | 2021-7-22 | Saudi Aramco confirms data leak after $50 million cyber ransom demand | | 0.363 |
| 212432 | ZDNET | 2021-7-19 | Singapore goes online in hunt for intelligence officers | | 0.359 |
| 212424 | ZDNET | 2021-7-19 | Kaseya ransomware attack FAQ: What we know now | | 0.347 |
| 212207 | ARSTECHNICA | 2021-7-19 | “Clickless” exploits from Israeli firm hacked activists’ fully updated iPhones | | 0.346 |
| 211992 | ZDNET | 2021-7-16 | Chinese APT LuminousMoth abuses Zoom brand to target gov't agencies | | 0.341 |
| 212570 | ARSTECHNICA | 2021-7-22 | Kaseya gets master decryptor to help customers still suffering from REvil attack | | 0.340 |
| 212603 | ZDNET | 2021-7-21 | US House terminates deal with iConstituent after company waited days to raise ransomware alarm | | 0.339 |
| 212611 | ZDNET | 2021-7-22 | Brazilian government establishes price reduction for Oracle contracts | | 0.316 |
| 212525 | TECHREPUBLIC | 2021-7-22 | How cyberattacks exploit known security vulnerabilities | | 0.315 |
| 212624 | ZDNET | 2021-7-22 | China bans children under 16 from appearing in live-streaming and online video content | | 0.314 |
| 212601 | ZDNET | 2021-7-22 | Saudi Aramco denies breach after hackers hawk stolen files | | 0.314 |
| 212620 | ZDNET | 2021-7-22 | Modi government accused of spying on critics and opponents using Pegasus spyware | | 0.313 |
| 212251 | ARSTECHNICA | 2021-7-17 | Facebook catches Iranian spies catfishing US military targets | | 0.313 |
| 212441 | ZDNET | 2021-7-20 | Microsoft heads to court to take on imposter, homoglyph domains | | 0.308 |
| 212521 | THEVERGE | 2021-7-22 | 19 days after REvil’s ransomware attack on Kaseya VSA systems, there’s a fix | | 0.306 |


ID: 212426


Date: 2021-07-19

UK and White House blame China for Microsoft Exchange Server hack

Updated: The UK government says the country is responsible for "systematic cyber sabotage."

The UK government has formally laid the blame for the Microsoft Exchange Server cyberattack at the feet of China.

On Monday, the government joined others -- including the victim company itself, Microsoft -- in claiming the cyberattack was the work of Chinese state-sponsored hackers, namely Hafnium, an advanced persistent threat (APT) group.

The United States, NATO, and the EU have joined the UK in condemning the attack.

Foreign Secretary Dominic Raab deemed the attack "by Chinese state-backed groups" as a "reckless but familiar pattern of behavior."

"The Chinese Government must end this systematic cyber sabotage and can expect to be held [to] account if it does not," Raab added.

Earlier this year, suspicious activity was detected and linked to four zero-day vulnerabilities in on-prem Microsoft Exchange Servers.

In March, the Redmond giant issued emergency patches to mitigate the threat to its customers; however, the vulnerabilities -- CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065 -- were exploited, compromising an estimated 30 000 organizations in the US alone.

The European Banking Authority was one of the most high-profile victims of the attack.

Following the incident, the malware was discovered on over 2000 machines belonging to businesses in the United Kingdom.

The UK government believes the attack was likely conducted for "large-scale espionage", including the theft of information and intellectual property by hackers sponsored by the People's Republic of China (PRC).

Furthermore, UK officials say that the Chinese Ministry of State Security is backing two other groups, known as APT40 (TEMP.Periscope/TEMP.Jumper/Leviathan) and APT31 (Judgement Panda/Zirconium/Red Keres).

According to the National Cyber Security Centre (NCSC), APT40 is responsible for targeting the maritime industry and naval contractors in the United States and Europe, and the agency assesses with high confidence that the Chinese Ministry of State Security is backing the group, which "operates to key Chinese State Intelligence requirements."

In addition, the NCSC says that APT31 is responsible for targeting government and political figures, including the Finnish Parliament, in 2020.

"[The] NCSC is almost certain that APT31 is affiliated to the Chinese State and likely that APT31 is a group of contractors working directly for the Chinese Ministry of State Security," the agency added.

"The Chinese government has ignored repeated calls to end its reckless campaign, instead [of] allowing its state-backed actors to increase the scale of their attacks and act recklessly when caught," UK officials commented. "This coordinated action today sees the international community once again urge the Chinese government to take responsibility for its actions and respect the democratic institutions, personal data, and commercial interests of those with whom it seeks to partner."

The government has also called on China to desist in its alleged attempts to conduct or support IP and trade secrets theft through cyberattacks.

Update 15.33 BST: The UK, NATO, US, and EU have allied in their stance against alleged Chinese cyberattacks.

Together with the UK, the White House has issued a joint statement criticizing China's alleged behavior.

"In some cases, we are aware that PRC government-affiliated cyber operators have conducted ransomware operations against private companies that have included ransom demands of millions of dollars," the US government claims.

"The PRC's unwillingness to address criminal activity by contract hackers harms governments, businesses, and critical infrastructure operators through billions of dollars in lost intellectual property, proprietary information, ransom payments, and mitigation efforts."

The US Department of Justice (DoJ) has also indicted four Chinese nationals suspected of being members of China's Ministry of State Security (MSS), as well as APT40. They are accused of "hacking into the computer systems of dozens of victim companies, universities and government entities in the United States and abroad between 2011 and 2018."

The DoJ alleges that the MSS has been involved in cyberattacks against victims in the US, Austria, Cambodia, Canada, Germany, Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland, and the United Kingdom.