How China’s Devastating Microsoft Hack Puts Us All at Risk

By Matthew Brazil

a group of people on a stage: Michael Borgers/Getty

© Provided by The Daily Beast
Michael Borgers/Getty

During World War II, the Chinese communists cultivated opium in their base area and trafficked it into Japanese-occupied cities. Mao Zedong’s man in charge was one of the biggest master spies of the period, Li Kenong. Though Mao later regretted cultivating the “special product,” which he called “that certain thing,” the drug caused disruption in the enemy rear and benefited the Red-area economy.


Load Error

Now it seems to be applying the same strategy in the West’s rear area, causing disruptions to online systems and simultaneously benefiting the Chinese economy with viruses and worms used to steal information from computer systems worldwide. The latest simultaneous exploit against thousands of organizations, disclosed on March 2, was dubbed the Microsoft Exchange hack, exploiting servers that manage email systems. The hack allows perpetrators to read messages of selected targets and then venture deeper into infected networks.

Over 60,000 organizations in the U.S. and at least 280,000 users worldwide using Microsoft Exchange for their email were hacked between Feb. 26 and March 3, according to Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency. The organizations include defense contractors, universities, state and local governments, policy think tanks, infectious disease researchers, and businesses: anyone that chose to use Microsoft Exchange for their email service.

The unidentified organization behind the hack, assessed by Microsoft to be a Chinese state-sponsored entity, is known by the code name HAFNIUM. The hack has enabled unauthorized access to entire email systems and follow-on access to connected databases that store classified information, trade secrets, the wide range of other proprietary…