Britain and its allies, including Australia, hold Chinese state-backed groups responsible for “a pervasive pattern of hacking” involving attacks on Microsoft Exchange servers.
Australia’s Home Affairs Minister Karen Andrews urged China “to act responsibly in cyberspace”.
“The Australian Government joins international partners in expressing serious concerns about malicious cyber activities by China’s Ministry of State Security,” she said in a joint statement with Defence Minister Peter Dutton and Foreign Affairs Minister Marise Payne.
“In consultation with our partners, the Australian Government has determined that China’s Ministry of State Security exploited vulnerabilities in the Microsoft Exchange software to affect thousands of computers and networks worldwide, including in Australia.
“These actions have undermined international stability and security by opening the door to a range of other actors, including cyber criminals, who continue to exploit this vulnerability for illicit gain.”
The attacks took place early this year and affected more than a quarter of a million servers worldwide, the British foreign ministry said on Monday.
“The cyber attack on Microsoft Exchange Server by Chinese state-backed groups was a reckless but familiar pattern of behaviour,” British foreign minister Dominic Raab said in a statement.
“The Chinese Government must end this systematic cyber sabotage and can expect to be held account if it does not.”
The foreign office said the attack was “highly likely to enable large-scale espionage”.
It added Britain and its allies attributed the Chinese Ministry of State Security as being behind the hacking groups known by security experts as “APT40” and “APT31”.
US condemns ‘aggressive’ cyber attacks
The Biden administration also blamed China for the hack of Microsoft Exchange email server software.
A senior administration official said China’s Ministry of State Security has been using criminal contract hackers, who have engaged in cyber extortion schemes and theft for their own profit.
Even though the finger-pointing was not accompanied by any sanctions of China, a senior administration official who disclosed the actions to reporters said that the US has confronted senior Chinese officials and that the White House regards the multi-nation public shaming as sending an importance message.
That hackers affiliated with the Ministry of State Security carried out a ransomware attack was surprising and concerning to the US government, the senior administration official said.
But the attack, in which an unidentified American company received a high-dollar ransom demand, also gave US officials new insight into what the official said was “the kind of aggressive behavior that we’re seeing coming out of China.”
EU says attacks have had ‘significant effects’
The European Union also blamed China for what it said were malicious cyber activities with “significant effects” that targeted government institutions and political organisations in the EU and its 27 member states, as well as key European industries.
In a statement, the EU’s foreign policy chief Josep Borrell said the hacking was “conducted from the territory of China for the purpose of intellectual property theft and espionage.”
The majority of the most damaging and high-profile recent ransomware attacks have involved Russian criminal gangs.
Though the US has sometimes seen connections between Russian intelligence agencies and individual hackers, the use of criminal contract hackers by the Chinese government “to conduct unsanctioned cyber operations globally is distinct,” the official said.
The Microsoft Exchange hack was first identified in January and was rapidly attributed to Chinese cyber spies by private sector groups.
Additional reporting: Reuters