Go to home page

British GCHQ Takes Credit for Instigating Fraud That ‘Chinese Government Hacked Microsoft’

July 20, 2021 (EIRNS)—“The U.K. has revealed that Chinese state-backed actors were responsible for gaining access to computer networks around the world via Microsoft Exchange Servers,” the U.K. National Cyber Security Center (NCSC) announced in a press statement yesterday. The aim of this alleged “most significant and widespread cyber intrusion against the U.K. and allies uncovered to date,” the NCSC asserted, was “to enable large-scale espionage” by the Chinese state.

The hacking of Microsoft’s business servers was detected last March. Then, yesterday, the great outcry became that China has been “proven” to have been behind the hacking. How timely. President Biden has been seeking a meeting with President Xi Jinping, and last week, a State Department spokesman named Afghanistan as one of the few areas where the U.S. and China can cooperate.

U.K. Foreign Secretary Dominic Raab and U.S. Secretary of State Tony Blinken issued parallel statements, Blinken’s pontificating that China’s “pattern of irresponsible, disruptive, and destabilizing behavior in cyberspace ... poses a major threat to our economic and national security,” Raab’s promising the “Chinese government must end this systematic cyber sabotage and can expect to be held account if it does not.”

And what is the NCSC? An agency of Great Britain’s Government Communications Headquarters (GCHQ) intelligence and cyber agency,  notorious for, amongst other things, its leading role in the “Russiagate” operation against U.S. President Donald Trump which sank his efforts to establish a working relationship with Russian President Vladimir Putin.

NCSC has now announced that it has “assessed that it was highly likely that a group known as HAFNIUM, which is associated with the Chinese state, was responsible for the activity” of “gaining access to computer networks around the world via Microsoft Exchange servers.” Furthermore, that “the U.K. is also attributing the Chinese Ministry of State Security as being behind activity known in open source as ‘APT40’ and ‘APT31.’  Activity relating to APT40 included the targeting maritime industries and naval defense contractors in the U.S. and Europe, and for APT31 the targeting of government entities, including the Finnish parliament in 2020.”

The small print of a chart accompanying the NCSC statement admits that it has no proof for any of its three key points:

The NCSC is only “almost certain” that the Microsoft Exchange hack was carried out by the HAFNIUM; it is only “highly likely” that HAFNIUM is associated with the Chinese state; and likewise only “highly likely” that the attack “enabled large-scale espionage” [emphasis added]. (As for the APT31 group charged with targeting Finland, the NCSC is also “almost certain” that those hackers are affiliated to the Chinese state, and it isn’t even “highly likely,” only “likely,” that it works for China’s Ministry of State Security.)

A hue and cry has arisen as to why the U.S. did not impose sanctions on China for its “almost certain” hacking. Yesterday, Biden defended that decision on the grounds that “it is my understanding that the Chinese government, not unlike the Russian government, is not doing this themselves, but are protecting those who are doing it and maybe even accommodating them being able to do it.”

Back to top    Go to home page clear