China Denies ‘Groundless and Malicious’ Claims of Microsoft Hack

China has slammed “groundless” claims that it carried out a major cyber-attack against tech giant Microsoft.

A group of Western countries had accused China of hacking Microsoft Exchange – a popular email platform used by companies worldwide.

The joint statement accused the Chinese Ministry of State Security (MSS) of undermining global stability and security.

China has always maintained that it opposes all forms of cyber-crime.

On Monday, New Zealand joined the group of countries including the UK, US and Australia in blaming Chinese state-sponsored actors for “malicious cyber activity” in the country, including the Microsoft attack.

The Chinese Embassy in Wellington called the accusations “groundless and irresponsible”.

“The Chinese government is a staunch defender of cyber security,” said a statement published by the embassy in response to a question from reporters.

“Making accusations without [proof] is malicious.”

The Chinese embassy in Australia echoed these remarks, describing Washington as “the world champion of malicious cyber attacks”.

The Microsoft hack affected at least 30,000 organisations globally.

The Exchange system powers the email of major corporations, small businesses and public bodies worldwide.

Microsoft blamed a Chinese cyber-espionage group for exploiting a vulnerability in Microsoft Exchange – which allowed hackers to remotely access email inboxes.

The group, known as Hafnium, was found by Microsoft’s Threat Intelligence Centre to be state-sponsored and operating out of China.

Western security sources believe Hafnium obtained advance knowledge that Microsoft intended to patch or close the vulnerability, and so shared it with other China-based groups to maximise the benefit before it became obsolete.

US President Joe Biden had earlier told reporters that the Chinese government may not have been carrying out the attacks themselves, but were ” protecting those who are doing it. And maybe even accommodating them being able to do it.”

The US Department of Justice has also announced criminal charges against four MSS hackers which it said were linked to a long-term campaign targeting foreign governments and entities in key sectors in a least a dozen countries.

Follow us on: