Britain, the US and the European Union accused China of carrying out a major cyber attack earlier this year. The attack targeted Microsoft exchange server and affected at least 30,000 companies worldwide. Britain said that Chinese officials are responsible of this attack and Europe said that cyber attack came from the Chinese area.
China’s Ministry of State Security (MSS) has also charged with more spying and a broader pattern of “rashness” behavior. China has previously denied allegations of hacking, saying it is against all forms of cybercrime.
The only call from Beijing signaled the seriousness of handling this case. Western intelligence said this aspect of the case was far more serious than anything they had seen before.
Hackers exploited vulnerability in Microsoft Exchange that opened a backdoor to the system that could grant further access.
Britain said the attack was likely to allow for large-scale espionage, including the acquisition of personal information and intellectual property.
The backdoor used by the Chinese group also use the other hacker groups, leaving the system vulnerable to attacks and espionage from ransomware.
In the UK, the National Cybersecurity Center (NCSC) has advised more than 70 organizations.
“Cyber attacks on Microsoft Exchange Server by government-sponsored Chinese groups are a vicious but notorious pattern of behavior,” said British Foreign Secretary Dominic Raab. “The Chinese government must put an end to this systematic cyber sabotage and can be held accountable if it doesn’t.”
Western governments accuse MSS of using hired hackers and want to cut ties with them.
In a statement, the White House said it was “deeply concerned” that China had “sponsored an intelligence firm that includes contract hackers who also conduct unauthorized cyber operations around the world, also for their own personal gain.”
The EU meanwhile said the hack had “created significant security risks and economic losses for our public institutions and private companies”.
His testimony, similar to that of the British, also said that he had seen other Chinese behavior that he also promoted. He linked it to two groups known as APT 40 and APT 31, which believe to linked to the MSS.
Despite the strong statement, there is no sign of sanctions against China. Instead, new sanctions imposed on Russia over the recent Solar Winds campaign, which many experts say is not as severe as Microsoft’s campaign in China.
Microsoft released details of the hack in March, saying it is responsible for a China-affiliated group called Hafnium. China rejects the accusations.
The widespread use of Microsoft Exchange has left many businesses and organizations vulnerable and has gone to great lengths to mitigate potential risks.
At the time, the US Department of Justice announced criminal charges against four MSS hackers linked to a long-running campaign targeting foreign governments and agencies in key sectors in at least a dozen countries.