Britain and its allies, including Australia, hold Chinese state-backed groups responsible for “a pervasive pattern of hacking” involving attacks on Microsoft Exchange servers.
Australia’s Home Affairs Minister Karen Andrews urged China “to act responsibly in cyberspace”.
“The Australian Government joins international partners in expressing serious concerns about malicious cyber activities by China’s Ministry of State Security,” she said in a joint statement with Defence Minister Peter Dutton and Foreign Affairs Minister Marise Payne.
“In consultation with our partners, the Australian Government has determined that China’s Ministry of State Security exploited vulnerabilities in the Microsoft Exchange software to affect thousands of computers and networks worldwide, including in Australia.
“These actions have undermined international stability and security by opening the door to a range of other actors, including cybercriminals, who continue to exploit this vulnerability for illicit gain.”
The attacks occurred early this year and affected more than a quarter of a million servers worldwide, the British foreign ministry said on Monday.
“The cyberattack on Microsoft Exchange Server by Chinese state-backed groups was a reckless but familiar pattern of behavior,” British foreign minister Dominic Raab said in a statement. “The Chinese Government must end this systematic cyber sabotage and can expect to be held accountable if it does not.”
The foreign office said the attack was “highly likely to enable large-scale espionage”.
Britain and its allies attributed the Chinese Ministry of State Security as being behind the hacking groups known by security experts as “APT40” and “APT31”.
The US condemns ‘aggressive’ cyber attacks.
The Biden administration also blamed China for the hack of Microsoft Exchange email server software.
A senior administration official said China’s Ministry of State Security has been using criminal contract hackers, who have engaged in cyber-extortion schemes and theft for their own profit.
Even though the finger-pointing was not accompanied by any sanctions of China, a senior administration official who disclosed the actions to reporters said that the US has confronted senior Chinese officials and that the White House regards the multi-nation public shaming as sending an important message.
That hackers affiliated with the Ministry of State Security carried out a ransomware attack was surprising, and concerning to the US government, the senior administration official said. But the attack, in which an unidentified American company received a high-dollar ransom demand, also gave US officials new insight into what the official said was “the kind of aggressive behavior that we’re seeing coming out of China.”