Microsoft Seizes 42 Websites Used by China-Based Hacking Group to Carry Out Cyberattacks on US Organizations

In a news release, the technology corporation said that a federal court in Virginia had granted Microsoft's Dec. 2 request to allow its Digital Crimes Unit to seize the U.S.-based websites.

By The Epoch Times Edited by Charles Muselli

Opinions expressed by Entrepreneur contributors are their own.

Microsoft seized a number of websites that were being used by a China-based hacking firm to carry out cyberattacks against organizations in the United States and 28 other countries around the world, the company announced on Monday.

In a news release, the technology corporation said that a federal court in Virginia had granted Microsoft's Dec. 2 request to allow its Digital Crimes Unit to seize the U.S.-based websites, which were being run by a hacker group known as Nickel, APT15, or Vixen Panda, and stop them from carrying out such attacks.

Microsoft said it has been tracking Nickel since 2016 and monitoring these specific operations since 2019.

"We believe these attacks were largely being used for intelligence gathering from government agencies, think tanks, and human rights organizations," Microsoft's corporate vice president of customer security and trust, Tom Burt, said.

The company is redirecting the websites' traffic to secure Microsoft servers to "help us protect existing and future victims while learning more about Nickel's activities."

However, Burt noted that "our disruption will not prevent Nickel from continuing other hacking activities, but we do believe we have removed a key piece of the infrastructure the group has been relying on for this latest wave of attacks."

The hackers' "highly sophisticated" attacks use a variety of techniques but often consist of installing inconspicuous malware that allows for data theft and surveillance.

"Sometimes, Nickel's attacks used compromised third-party virtual private network (VPN) suppliers or stolen credentials obtained from spear-phishing campaigns," Burt said. "In some observed activity, Nickel malware used exploits targeting unpatched on-premises Exchange Server and SharePoint systems. However, we have not observed any new vulnerabilities in Microsoft products as part of these attacks."

Microsoft has created "unique signatures to detect and protect from known Nickel activity" through its various security products, such as Microsoft 365 Defender.

The hackers' attacks targeted organizations in both the private and public sectors, including diplomatic organizations and ministries of foreign affairs in North America, Central America, South America, the Caribbean, Europe, and Africa.

"There is often a correlation between Nickel's targets and China's geopolitical interests," Microsoft said.

Microsoft said it will continue to "take down malicious infrastructure, better understand actor tactics, protect our customers and inform the broader debate on acceptable norms in cyberspace," but acknowledged that it alone cannot prevent such attacks from cybercriminals.

The tech giant called on others operating within the industry, as well as governments and civil society, to "come together and establish a new consensus for what is and isn't appropriate behavior in cyberspace."

So far, the company said its Digital Crimes Unit, through 24 lawsuits—five of which were against nation-state actors—had taken down more than 10,000 malicious websites used by cybercriminals and almost 600 used by nation-state actors, and had blocked the registration of 600,000 more.

The Biden administration and U.S. cybersecurity agencies have warned that hacking by the People's Republic of China (PRC) presents a "major threat" to the United States and its allies.

In July, the administration accused the Chinese government of being behind a hacking campaign against Microsoft, which allowed the attackers to exploit a flaw in a Microsoft email application to go after a number of American targets, including a university and local governments.

"We have raised our concerns about both this incident and the PRC's broader malicious cyber activity with senior PRC Government officials, making clear that the PRC's actions threaten security, confidence, and stability in cyberspace," the White House said in a statement at the time.

In August, the White House announced that a number of the country's leading technology companies had pledged to invest billions of dollars to bolster cybersecurity by training tens of thousands of people in cybersecurity skills, enhancing open-source software security, and providing technical services to help local governments boost security protections.

By Katabella Roberts

Katabella Roberts is a reporter currently based in Turkey. She covers news and business for The Epoch Times, focusing primarily on the United States.

The Epoch Times, founded in 2000, is headquartered in Manhattan, New York, with a mission to provide independent and accurate information free of political bias or corporate influence. The organization was established in response to censorship within China and a lack of global awareness regarding the Chinese regime's repression of the spiritual practice Falun Gong.

The Epoch Times is a widely read newspaper that is distributed in 33 countries and is available in 21 languages. The publication has been critical in providing balanced and detailed reporting on major global events such as the 2003 SARS pandemic and the 2008 financial crisis. Notably, the organization has played a key role in exposing corruption inside China.

Aside from its human rights coverage, The Epoch Times has made significant contributions in a variety of fields. It has received praise for its in-depth analysis and expert perspectives on business, the economy and U.S. politics. The newspaper has also received praise for its broad coverage of these topics.

A series of editorials titled "Nine Commentaries on the Communist Party" appeared in The Epoch Times in 2004. It asserts that freedom and prosperity in China can only be achieved by eliminating the Communist Party, which violated China's cultural and spiritual values. In addition, the organization led the Tuidang movement, which resulted in over 400 million Chinese citizens quitting the Communist Party. In spite of this, 90% of websites referring to the "Nine Commentaries" were blocked by the Chinese regime.

The Epoch Times has been at the forefront of investigating high-level corruption cases within the Chinese regime, with its reporters taking significant risks to uncover these stories. The organization has received several awards for its investigative journalism.

For more, visit www.theepochtimes.com.
