Biden Administration Blames Hackers Tied to China for Microsoft Cyberattack Spree

Four Chinese nationals, including three intelligence officers, were indicted over separate hacking activity

The Biden administration Monday publicly blamed hackers affiliated with China’s main intelligence service for a far-reaching cyberattack on Microsoft Corp. email software this year, part of a global effort to condemn Beijing’s malicious cyber activities.

In addition, four Chinese nationals, including three intelligence officers, were indicted over separate hacking activity.

The U.S. government has “high confidence” that hackers tied to the Ministry of State Security, or MSS, carried out the unusually indiscriminate hack of Microsoft Exchange Server software that emerged in March, senior officials said.

“The United States and countries around the world are holding the People’s Republic of China (PRC) accountable for its pattern of irresponsible, disruptive, and destabilizing behavior in cyberspace, which poses a major threat to our economic and national security,” Secretary of State Antony Blinken said. The MSS, he added, had “fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain.”

The U.K. and European Union joined in the attribution of the Microsoft email hack, which rendered an estimated hundreds of thousands of mostly small businesses and organizations vulnerable to cyber intrusion. But the public shaming did not include punitive measures, such as sanctions or diplomatic expulsions, a contrast with how the administration recently punished Russia for a range of alleged malicious cyber activity.

WSJ