China-Backed Hackers Used Microsoft Flaw in Attacks, Defenders Say
The breaches in the United States and other countries took advantage of a disastrous security flaw that drew attention this month, after Microsoft issued a patch that fixed only part of the problem in SharePoint, which is widely used to coordinate work on documents and projects.
'We assess that at least one of the actors responsible for this early exploitation is a China-nexus threat actor,' said Charles Carmakal, chief technology officer of Google's Mandiant Consulting.
Another researcher, who, like others, spoke on the condition of anonymity because the inquiry is still underway, said federal investigators have evidence of U.S.-based servers linked to compromised SharePoint systems connecting to internet protocol addresses inside China on Friday and Saturday.
The FBI, the White House, and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency declined to comment Monday.
Two other responders working with the U.S. government said they had identified early attacks from China as well. The Chinese Embassy in Washington did not immediately respond to a request for comment.
The attacks allowed hackers to extract cryptographic keys from servers run by Microsoft clients. Those keys, in turn, would let them install anything, including back doors that they could use to return. Federal and state agencies were affected, researchers previously told The Washington Post, but it remains unclear which of them were vulnerable to follow-up attacks.
Only versions of SharePoint that are hosted by the customer, not those in the cloud, are vulnerable. Microsoft issued effective patches for the last of the exposed versions by Monday.
While installing the patches should prevent new intrusions, customers also need to change the machine's digital keys, apply anti-malware software and hunt for any breaches that have already occurred, Microsoft said.
Some of the early targets of the attack were entities that would interest the Chinese government, two of the responders said. But a wide range of attackers were now trying similar grabs, others said, looking to steal corporate secrets or install ransomware that encrypts key files until payments are made.
'It's critical to understand that multiple actors are now actively exploiting this vulnerability. We fully anticipate that this trend will continue, as various other threat actors, driven by diverse motivations, will leverage this exploit as well,' Carmakal said.
Piet Kerkhofs, CTO and co-founder of Europe-based Eye Security, said the SharePoint breaches share characteristics with other compromises that security researchers have attributed to China-based hackers.
For instance, hackers this month exploited a vulnerability in Citrix's NetScaler virtual desktop that some researchers saw being used by Chinese actors, Kerkhofs said. That hack was similar to the SharePoint compromise in that it turned a freshly discovered vulnerability into an 'exploit' or weapon – in 'extremely fast' order, 'hours to days,'' he said.
Another instance was China's global compromise of Microsoft Exchange email servers in early 2021. That case involved hackers sponsored by the Chinese government conducting widespread exploitation of core Microsoft software – its Exchange email server software.
That breach has been attributed to group that Microsoft calls Silk Typhoon, which is linked to China's Ministry of State Security. It is one of the most technically advanced hacking groups in the world and has been striking sensitive U.S. targets at an increased rate in the past year, The Post reported last week.
Silk Typhoon has broken into multiple U.S. federal agencies in the past and more recently hit multiple ministries in Europe, The Post reported.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Japan Today
5 hours ago
- Japan Today
Small businesses warn of Trump tariff impact on toy industry at Comic-Con
Small business owners used the festive backdrop of Comic-Con to discuss a sobering topic: the negative impact that US President Donald Trump's proposed tariffs are having on the toy industry Small business owners used the festive backdrop of Comic-Con to discuss a sobering topic: the negative impact that President Donald Trump's proposed tariffs are having on the toy industry. "Not the most sexy topic," Jonathan Cathey, chief executive of collectibles company The Loyal Subjects, admitted at a panel titled "Toys, Tariffs, and Trade Wars" at the four-day convention in San Diego, California. "But this ultimately affects you guys, it affects the end user," he said. "Prices will go up, and our rate of sales will go down." Toy companies have been fretting about the impact of Trump's global tariff blitz on the industry, particularly when it comes to China. Of over $17 billion worth of toys imported to the United States last year, more than $13 billion came from China. But a rollercoaster tariff row between Washington and Beijing has caused havoc for U.S. businesses and their Chinese suppliers. Panel moderator Daniel Pickett argued that the Trump administration is "imposing truly exaggerated, somewhat crazy, and frightening measures." He said Trump's proposal to impose additional tariffs on imports "has only wreaked havoc on the entire industry." Trump recently dismissed warnings by toy giant Hasbro's CEO Chris Cocks about rising prices if higher tariffs were imposed, defending his trade policy by emphasizing it favors domestic production. But Cathey argued the rhetoric doesn't reflect American reality. He said: "There's like 480,000 manufacturing jobs... that aren't even filled. So we're going to do what, we're going to bring a bunch of factory jobs back that nobody can fill." The business owner suggested that U.S. value-addition lies in innovation rather than manufacturing. "There are industries where tariffs make sense," Cathey continued, highlighting the automotive and mining sectors. "There's a mechanism where tariffs make sense that actually protect jobs, American workers, and our national security. Barbie ain't it." Brian Flynn of Super7, a collectibles and action figures brand, said the Trump administration's shifting tariff policies have caused chaos and uncertainty. "Nobody knows what's going to happen," he said, adding that the triple-digit tariffs Trump has sometimes mentioned would "drive everyone out of the market." Flynn said the impact was already visible at Comic-Con, where he had to limit himself to a small concession stand rather than a larger exhibit space. Consumers will feel the impact in their wallets next quarter, he warned. "And when it hits, that's going to make a big difference for us." © 2025 AFP
Japan Today
5 hours ago
- Japan Today
Montreal over Miami: Patriotic Canadians change summer vacation plans
FILE PHOTO: Canoes are seen on a dock on Lake Louise at Banff National Park, in the Canadian Rocky Mountains outside the village of Lake Louise, Alberta, October 3, 2014. REUTERS/Mark Blinch/File Photo By Nivedita Balu Canadians are trading their annual vacation south of the border for road trips around Ottawa, the midnight sun in Yukon, whale watching in Nova Scotia or hiking in Banff. The newfound desire to stay local started earlier this year when U.S. President Donald Trump threatened to annex Canada and imposed a series of tariffs on Canadian goods, spurring a 'Buy Canadian' movement to boycott U.S. businesses and avoid traveling to the U.S. London, Ontario-based Guess Where Trips sells curated mystery road trip packages in four Canadian provinces and reported a 75% increase in sales of trips across the country so far this year from a year ago. "It is clear that more Canadians are choosing to explore small businesses and hidden gems close to home, rather than crossing the border for their holidays and vacations," operations manager Jessica Bax said. Road trips around Ottawa are among their most popular packages, Bax said, as more Canadians explore their capital city. Prime Minister Mark Carney has also made a pitch for Canadians to take advantage of a new "Canada Strong" pass that grants free or discounted access to several national parks, historic sites and museums this summer. "Canadians are making choices to visit this great country, spend time here with their family, with their friends. They're making choices to buy Canadian products," he said in a press briefing in Huntsville, Ontario on Tuesday. The discount pass contrasts with Trump ordering higher entrance fees at U.S. national parks for visitors from other countries. A Bank of Canada survey this week showed that 55% of Canadians plan to spend less money vacationing in the United States this year while 35% said they would spend more on traveling within Canada. A survey by TD Bank showed 64% of Canadians polled planned to travel within the country, mirroring an increase in domestic flight bookings. Canadian domestic tourism spending rose 4% in the first quarter this year from a year earlier, said Destination Canada, a government agency that promotes Canadian tourism. The number of flight return trips from the United States made by Canadians fell 17% in May from a year earlier, while the number of such trips made by car fell by 37% that month, according to Statistics Canada. Walter Flower, who operates whale watching tours in Lunenburg, Nova Scotia, said he has been busier this year as more people exploring the UNESCO World Heritage town booked a 45-minute ocean adventure hoping to spot whales off the east coast. Divya Mohan, a communications specialist in Toronto, says she had initially planned to go to Texas this year but instead opted to explore the city of Winnipeg in Manitoba. "It just felt like the timing wasn't right... may be in the future," Mohan, 39, said of her trip in April. "Winnipeg is just one more destination in Canada to explore," Mohan said, coming away impressed with the Canadian Museum for Human Rights. On the west coast in British Columbia, RVs have gained popularity, said Storm Jespersen, a regional manager at family-owned tourism firm Evergreen Hospitality Group. "This year is going to be the busiest year in our company's history across our 26 properties... it's so busy, I don't think you can even rent one (RV) very easily right now," said Jespersen. WORTH THE BUCK Traveling in Canada can be expensive as domestic flights to remote locations often cost more than traveling to the United States or even Europe. But travelers have found ways to do it cheaper - through road trips or by hunting for discounts. "Doing road trips or just weekend trips to a cabin nearby is a great way to switch things up without spending thousands of dollars to fly a family of four across the country and back," said Vancouver-based marketing executive Kramer Solinsky. On his list this year, Solinsky plans to visit Montreal and the east coast for the first time and is traveling to Mexico City and Osaka in Japan instead of other sun-soaked options like Florida and California. To make some remote regions in northern Canada more accessible, Air North - the airline for the northern regions of Yukon and Northwest Territories - added more capacity and non-stop routes for the summer, betting on higher demand from what it said was "clear and growing interest among Canadians in exploring more of their own country" Air North said arrivals to Yukon rose 7.6% from January to June this year and the airline continues to see growth in demand for flights to northern Canada. Other Canadian carriers have reported similar trends: Porter Airlines increased its summer network capacity to domestic travel to 80% from 75%, while peer WestJet in May suspended nine routes between Canada and the United States citing lower demand. © (c) Copyright Thomson Reuters 2025.
The Diplomat
12 hours ago
- The Diplomat
International Labor Standards: The Missing Link in China-US Trade Negotiations
The China-U.S. trade war is often reduced to a dispute over cheap exports, but the real fault line runs deeper. China has built a powerful industrial strategy on the backs of low-cost labor and state-backed incentives, successfully attracting advanced multinationals and bringing their technology and supply chain resources into the country. While the United States outsourced its basic manufacturing, China turned so-called 'low-end' jobs into a launchpad for dominating high-value industries. This strategy has worked. BYD, once a low-tier battery maker, is now a top global electric vehicle manufacturer, beating Tesla in worldwide EV sales. Apple, for its part, poured billions into China – not just in assembly lines, but in R&D. As journalist Peter McGee documented in 'Apple and the Transformation of Chinese Manufacturing,' Apple's strict quality and engineering standards forced Chinese suppliers to level up. What began as low-cost outsourcing became a sophisticated, self-reinforcing innovation engine. This has become a key driver of innovation and global competitiveness in China's manufacturing sector. As the Chinese government aligned its labor policies with the profit motives of U.S. corporations, Washington debated tariffs. All this while, companies continue to rely on China's cheap labor to meet shareholder demands. China, in turn, gained leverage: any disruption to this arrangement would threaten the survival of many global brands. This entanglement has become so tight that it indirectly but powerfully shapes U.S. policy toward China, through the commercial interests and logistical dependence of American companies operating in China. But there's a darker cost buried in the foundations of this success. For over two decades, China Labor Watch has uncovered systemic labor issues in the supply chains of major U.S. and global brands operating in China. These are not isolated incidents, but are structural features of a model that exploits rural migrant workers, tolerates weak enforcement of labor laws, and prohibits independent unions. Global companies continue to profit from it. This exploitation does not just serve short-term commercial interests. It underpins China's ambitious vision of the 'great rejuvenation of the Chinese nation' and advancing its global hegemonic strategy of technological dominance and leadership. Even as parts of manufacturing move to Southeast Asia, those operations remain closely tethered to Chinese supply chains. The low-cost advantage remains China's unshakable core. If the U.S. wants to reduce its dependency and rebalance trade on fairer terms, it cannot ignore the labor question. It must confront China's labor governance head-on – even if doing so challenges American business interests in the short term. The Chinese government, for all its claims in its Constitution and the Communist Party's charter that China is a 'socialist state' that is 'led by the working class,' has built its economic ascent on the backs of exploited workers. While it publicly touts its commitment to workers' well-being, it has never admitted to the systemic nature of labor violations. Instead, the party-state continues to sidestep the issue through an official narrative of 'striving for workers' well-being,' and blame is deflected to multinational corporations. Many Chinese citizens, including some government officials, genuinely believe that the CCP's system can improve workers' lives. The structural roots of labor exploitation, inherent in the party's governance and economic model, are obscured. Labor rights activism thus becomes a sore subject for the government. To them, it is not just about a call for better wages or working conditions, but a direct challenge to the CCP's self-image. It exposes the ideological gulf between its promises and the lived experience of Chinese workers. If party leaders deny the existence of labor exploitation, they are telling an outright lie that will anger many workers; if they address the issue, it legitimizes that reality is at odds with the CCP's charter. This is precisely why labor advocates are treated with suspicion and often repression – but also some degree of caution. During the 2015 '709 Crackdown,' China jailed dozens of human rights lawyers, but took a softer approach with labor activists, quietly releasing them or assigning them jobs after detention to avoid international attention further escalating the issue. The goal was clear: to suppress attention and not provoke an international firestorm. A similar pattern played out in 2025, when Brazil sued BYD for alleged forced labor. Instead of lashing out at international critics, as it often does in response to human rights issues, China responded discreetly and promised an investigation. These examples reflect the nuance and sensitivity that the government applies to labor issues, as compared to human rights issues that it often rebuts. This different approach underscores the potential for labor issues to compel government action and, in turn, how international labor standards can be used as a tool for change. In other words, for the Chinese government, labor conditions resonate where abstract human rights appeals do not. From factory workers to office employees, the majority of China's workforce faces long hours, low wages, and little social protection. Labor violations aren't theoretical; they are everyday realities that could fuel domestic pressure and policy reform if exposed. Tools to address these problems already exist. In the United States, the Uyghur Forced Labor Prevention Act (UFLPA) and Section 307 of the Tariff Act have led to meaningful enforcement actions, even if many Uyghur workers are rarely found in primary factories supplying to the U.S. In the future, as additions to the UFLPA entity list are expected to slow, U.S. enforcement could shift toward broader supply chain interventions through the Withhold Release Orders (WROs), further expanding to address forced labor issues in supply chains, using enforcement to promote fairer labor standards. Yet despite the tools at Washington's disposal, labor concerns remain sidelined in mainstream trade discussions, drowned out by debates over tariffs, trade deficits, and subsidies. These traditional tools have struggled to move the needle on Chinese economic policy, which is largely built upon China's persistent low labor cost advantage. Labor, by contrast, is a pressure point the Chinese government is less prepared to resist, precisely because it implicates both the CCP's legitimacy and its economic model. Labor issues directly affect the immediate interests of the Chinese people, which concerns the government, and international labor standards can thus serve as an effective mechanism to expose the deeply rooted structural flaws in China's governance model. This is the moment for the United States and its allies in Europe to unite around labor standards as a strategic pillar of trade policy. As China-EU tensions continue to simmer, a coordinated, transatlantic approach, through shared standards, trade mechanisms, and enforcement frameworks, could significantly increase leverage over China's labor practices. This strategy not only advances sustainable global supply chains but also balances immediate commercial interests with long-term labor equity, benefiting workers in both the United States and China. Yes, there will be obstacles: political division among allies, corporate resistance, and China's likely counterattacks. But the stakes are too high to ignore. Fair labor standards not only strengthen global supply chains; they offer a pathway to a more just global economy, one where competitiveness does not rely on exploitation. Reshaping the rules of global trade will require more than rhetoric. It will require placing workers – American, Chinese, and others – at the center of policy. And that begins with recognizing that labor is not a side issue. It is the issue.
