Never doubt for a moment that the regime in Beijing has malevolent intent toward the US and the West. Their determination to steal data and create havoc within our systems looms large enough that they have little compunction about using its own partners in the West for those attacks.
Perhaps Microsoft and Google learned a valuable lesson about partnering with China, the Chinese Communist Party, and Xi Jinping today. If not, then perhaps Microsoft's Sharepoint customers will learn a valuable lesson about partnering with Microsoft and Google:
Three China-linked hacking groups are among those responsible for a sweeping cyberattack against users of popular Microsoft server software that has already impacted dozens of organizations across the globe.
Federal investigators believe multiple U.S. government agencies are among the early victims of the ongoing cyber exploitation campaign, though the full scope is not yet clear, according to two U.S. officials with knowledge of the matter.
Microsoft confirmed in a blog post Tuesday that three Chinese hacking gangs — known as Violet Typhoon, Linen Typhoon and Storm-2603 — are involved in the hacking effort. At least two U.S. federal agencies are among the roughly 100 suspected victims of the hacks thus far, said one U.S. official directly involved in the incident response and a second who has been briefed on it. Both people were granted anonymity due to the ongoing nature of the incident.
What did the hackers want with this exploit? The Washington Post explains how this hack could create more problems for Sharepoint users than just closing the gap with a patch:
The attacks allowed hackers to extract cryptographic keys from servers run by Microsoft clients. Those keys, in turn, would let them install anything, including back doors that they could use to return. Federal and state agencies were affected, researchers previously told The Washington Post, but it remains unclear which of them were vulnerable to follow-up attacks.
Only versions of SharePoint that are hosted by the customer, not those in the cloud, are vulnerable. Microsoft issued effective patches for the last of the exposed versions by Monday.
While installing the patches should prevent new intrusions, customers also need to change the machine’s digital keys, apply anti-malware software and hunt for any breaches that have already occurred, Microsoft said.
The irony here, of course, is that Microsoft and Google have bent over backwards in their dealings with the Xi regime to access the China market. Both have long partnered with state-linked firms to help China build out its cyber infrastructure, and in doing so also help Xi build systems that censor and spy on its citizens. Even with China's hackers using that infrastructure to target the US government since at least 2015, Microsoft has kept looking for opportunities to expand its partnership with the CCP, as late as December 2023, for example.
Google had been backing away from China for the last few years already. They had bailed out in 2010 after clashing with Beijing over censorship, but came back in 2017-18 to offer a CCP-controlled search app and an AI project. Its employees forced an end to both projects after a public backlash:
But as China’s internet grew, Google was tempted to jump back in. In 2018, the company was developing a search app for China called Dragonfly, which would have censored information that was banned by the Chinese government. The project prompted outrage among Google employees and in 2019, the company said it stopped the effort.
Google also opened a center for artificial intelligence in China in 2017, saying “the science of A.I. has no borders.” Two years later, the company shut the center and emphasized that it was no longer conducting A.I. research in China.
We have now had a decade of cyberwarfare aimed at our national security infrastructure by China. It has not stopped, nor will it ever stop, not even if we normalize trade and offer tariff-free access to our markets. That's because Xi is not interested in profitable and friendly relations with the US; Xi wants to destroy American power and seize control of global commerce on his own terms.
Today's news should make that clear, but then again, it should have been clear all along. The only question now is whether the corporate quislings in the West will realize it, or whether they will continue to collaborate with Xi to the destruction of all others and the oppression of China's people. I know which way I'm betting.
Editor's note: For far too long, American administrations rolled over for China and offered short-sighted policies that left us vulnerable to hackers, spies, and slave-labor goods. Donald Trump has offered the first real pushback in a generation to Xi Jinping's manipulations, but the Protection Racket Media and corporate America don't want to admit it.
Help us stay on top of China's soft war against the West. Join the Hot Air VIP program and and use promo code FIGHT to get 60% off your VIP membership.
Join the conversation as a VIP Member