The cyber attacks took place in early 2021, targeting Microsoft Exchange (Microsoft’s email software) servers. A group known as Hafnium compromised Microsoft Exchange, allowing it to penetrate into the IT networks of its targets. The attack was so widespread that at the time, the White House National Security Council formed an emergency response group to deal with the attack.
Microsoft said that by end of March, 92 per cent of customers had been patched against the vulnerability.
Now, according to British officials, the attack was very likely to have been carried out to enable “large-scale espionage”, including stealing personal information and intellectual property. The National Cyber Security Centre (NCSC) is “almost certain” that the compromise was initiated and exploited by actors backed by the Chinese state.
“The cyber-attack on Microsoft Exchange Server by Chinese state-backed groups was a reckless but familiar pattern of behaviour,” said Dominic...