The United Kingdom (UK), the United States(US) and the EU have all accused China of carrying out a major cyber-attack earlier this year targeted Microsoft Exchange servers, affecting at least 30,000 organisations globally.
The UK says Chinese state-backed actors were responsible, while the EU said the attack came from “the territory of China”.
China is accused of exploiting a vulnerability in Microsoft Exchange which allowed backdoors to be placed on systems that allowed further access.
The backdoors used by the Chinese group were also exploited by other hacking groups, leaving systems vulnerable to ransomware attacks and espionage.
The UK said the attack was likely to enable large-scale espionage, including the acquisition of personal information and intellectual property.
“The cyberattack on Microsoft Exchange Server by Chinese state-backed groups was a reckless but familiar pattern of behaviour,” UK Foreign Secretary Dominic Raab said. “The Chinese Government must end this systematic cyber-sabotage and can expect to be held to account if it does not.”
The Chinese Ministry of State Security (MSS) has also been accused of wider espionage activity and a broader pattern of “reckless” behaviour.
This is not the first time China has been accused of hacking, however, the country has denied all these allegations saying it opposes all forms of cyber-crime.
The unified call-out of Beijing signals the gravity with which this case has been taken. Western intelligence officials say aspects of this case are markedly more serious than anything they have seen before.
Western governments accuse the MSS of using hackers-for hire and want it to sever ties with them.
In a statement, the United States said it was “deeply concerned” that China had “fostered an intelligence enterprise that includes contract hackers who also conduct unsanctioned cyber-operations worldwide, including for their own personal profit”.
The EU said the hack had “resulted in security risks and significant economic loss for our government institutions and private companies” also adding that it had seen other Chinese behaviour that it was calling out at the same time. It linked it to two groups known as APT 40 and APT 31 which are believed to be linked to the MSS.
Despite the strong statements, there are no signs of sanctions against China