In a bold escalation of cyber diplomacy tensions, China has accused the United States of launching cyberattacks on its defense infrastructure by exploiting a previously known vulnerability in Microsoft’s email servers. According to a statement from the Cyber Security Association of China, U.S. actors allegedly compromised servers at key Chinese military-linked enterprises using flaws in Microsoft Exchange.
The breaches reportedly went undetected for nearly a year, allowing extensive access to critical information. The association, though relatively obscure, is backed by China’s powerful Cyberspace Administration, signaling strong state interest in the allegation.
Microsoft: Both Nations Have Blamed Each Other
This development adds a twist to a pattern of mutual accusations. Microsoft, headquartered in Redmond, U.S., has previously blamed China for large-scale cyber intrusions, including the 2021 breach of tens of thousands of Exchange servers and the 2023 attack targeting U.S. government email accounts.
In turn, China is now reversing the narrative, suggesting that the same vulnerability used to blame Chinese groups was first exploited by the U.S. against Chinese defense systems.
U.S. Dismisses Specific Allegations, Maintains China’s Cyber Threat
The U.S. Embassy in Beijing declined to respond to the exact claims but reiterated that China remains “the most persistent cyber threat” to U.S. interests. The embassy cited attacks from Chinese state-linked groups like Salt Typhoon and Volt Typhoon, accused of targeting critical infrastructure and espionage.
American cybersecurity experts noted that China’s recent accusations may be a strategic countermeasure following a series of U.S. indictments and sanctions against alleged Chinese hackers.
A Geopolitical Cyber Blame Game
The tit-for-tat continues: In April, China named three NSA employees as culprits in hacking the Asian Winter Games, claiming they stole sensitive personal data. Meanwhile, the U.S. has routinely indicted Chinese hackers and released public statements on their operations—while China has historically refrained from making individual attributions against U.S. actors.
Cybersecurity professionals warn this growing pattern could disrupt global cooperation on cybercrime, as both countries use cyber attributions as tools of geopolitical influence.