A sophisticated cyberattack orchestrated by Chinese state-sponsored hackers has exposed vulnerabilities in the global cybersecurity infrastructure, targeting critical COVID-19 research from American universities and exploiting Microsoft Exchange servers worldwide. As Xu awaits extradition proceedings in Italy, the case serves as a stark reminder of the persistent threat posed by state-sponsored cyber operations and the critical importance of international cooperation in combating these sophisticated attacks on global cybersecurity infrastructure. In July 2021, the United States, along with the European Union, the United Kingdom, Australia, Canada, New Zealand, Japan, and NATO, formally attributed the attacks to the Chinese government and condemned the PRC’s role in malicious cyber activities. The Justice Department’s announcement represents part of a broader crackdown on Chinese cyber espionage, with multiple recent cases targeting individuals accused of working for Beijing’s intelligence services. The Shanghai State Security Bureau, one of the most aggressive and internationally active units of the MSS, maintains an extensive network of front companies and conducts global espionage operations. Operating under the direction of China’s Ministry of State Security (MSS) and its Shanghai State Security Bureau (SSSB), the hackers targeted U.S. universities, immunologists, and virologists engaged in developing vaccines, treatments, and testing protocols. “This arrest underscores the United States’ patient and tireless commitment to pursuing hackers who seek to steal information belonging to U.S. companies and universities,” said John A. The Justice Department announced the arrest of a key figure in this operation, marking a significant milestone in the fight against state-sponsored cyber espionage. The cyber espionage operation expanded dramatically in late 2020 when Xu and his co-conspirators began exploiting zero-day vulnerabilities in Microsoft Exchange Server. 
The HAFNIUM group has since evolved into what security researchers now track as “Silk Typhoon,” continuing to target large corporations and government entities. The case highlights the broader challenge posed by Chinese cyber operations, which U.S. officials say exceed those of all other foreign governments combined. This network of private companies and contractors provided Beijing with plausible deniability while conducting extensive cyber espionage campaigns. Between February 2020 and June 2021, Xu and his associates conducted a systematic campaign to steal critical COVID-19 research from American institutions. Kaaviya is a Security Editor and fellow reporter with Cyber Security News. In April 2021, the Justice Department conducted a court-authorized operation to remove web shells from hundreds of vulnerable computers in the United States. Ltd., described by prosecutors as one of many “enabling” companies that conducted hacking operations for the Chinese government.
This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 09 Jul 2025 12:55:17 +0000