China rejects baseless accusations of links to Microsoft SharePoint attack

The Chinese Embassy in the U.S. on Wednesday rejected claims that the recent cyberattacks on Microsoft's SharePoint servers are linked to China.

In a blog post on Tuesday, Microsoft said it "observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon" leveraging vulnerabilities in its internet-facing SharePoint servers, adding that a third group based in China also exploited the software flaws.

In response, Liu Pengyu, a spokesperson of Chinese Embassy in the U.S., emphasized that cyberattacks are a common threat faced by all countries and China is also a victim of such threats.

Liu reiterated China's "consistent and clear" stance that it firmly opposes and cracks down on all forms of cyberattacks and cybercrime.

"At the same time, we also firmly oppose smearing others without solid evidence," said the spokesperson.

Microsoft's SharePoint servers are extensively used by organizations for document sharing and internal collaboration. On Saturday, the tech giant warned of a "zero-day" flaw – previously unknown and not yet patched – in its SharePoint servers that was being actively exploited.

Microsoft clarified the attacks only affect the on-premises SharePoint servers and do not impact the online service part.

The company has since released comprehensive security updates to address these vulnerabilities across all supported versions of SharePoint Server, including Subscription Edition, 2019 and 2016.