NATO, EU, and allies attribute email intrusion to Chinese state-backed hackers

On 19 July 2021, NATO, the European Union, Australia, New Zealand and Japan all issued public statements officially attributing an attack on Microsoft to Chinese state-sponsored actors. In March 2021, suspected China-backed cyber espionage groups carried out a cyberattack on Microsoft’s email software, leading to hundreds of thousands of businesses and organizations’ data and credentials being compromised. Microsoft said the hacking took advantage of a previously undetected vulnerability to remotely enter the email boxes. Microsoft’s Threat Intelligence Centre blamed the cyber-attack on Hafnium, a state-sponsored group operating out of China. According to the Diplomat, the cyberattack initially targeted U.S. think tanks. 

About This Incident

Threat Actors: China

Incident Metadata

Date: March-July 2021
Country: United States