go to top
A Microsoft office in New York A Microsoft office in New York, Nov. 10, 2016 (AP photo by Swayne B. Hall).

China’s Microsoft Exchange Cyberattack Puts Biden in a Bind

Tuesday, April 27, 2021

The U.S. had barely begun its recovery from the SolarWinds compromise, when another large-scale, state-sponsored cyberattack came to light in January. Like the SolarWinds hack, the Microsoft Exchange Server data breach exploited several zero-day vulnerabilities and has been attributed to a nation-state. But unlike SolarWinds, while the Microsoft attack was initially a targeted attack, it went on to create widespread collateral damage, leading some commentators to characterize it as “reckless.” Microsoft has attributed the compromise to a Chinese state-sponsored espionage group called “Hafnium.”

Recent U.S. sanctions against Russia, in part motivated by the SolarWinds attack, have given rise to an expectation that the U.S. will respond against China for its alleged role in the Microsoft hack. Yet, so far, the U.S. response has been practical rather than symbolic, and domestic rather than geopolitical. More generally, invocations by the U.S. of the rules-based international order ring hollow given the lack of agreed norms for responsible state behavior in cyberspace. ...

To read more,

enter your email address then choose one of the three options below.

Subscribe to World Politics Review and you'll receive instant access to 10,000+ articles in the World Politics Review Library, along with new comprehensive analysis every weekday . . . written by leading topic experts.