Australia has joined the US and other allies in calling out China over its global hacking activities, saying it has undermined international security.
The broad coalition condemning the spying activity also included the European Union, NATO, Britain, Canada Japan and New Zealand.
The countries blamed China’s Ministry of State and Security for exploiting vulnerabilities in Microsoft Exchange software, resulting in up to 30,000 businesses being affected globally.
Home Affairs Minister Karen Andrews said the global coalition had expressed “serious concerns” about the “malicious cyber activities”.
“This targeted thousands of computers and networks worldwide, including Australia,” she told reporters on Tuesday.
“It opened the door for cyber-criminals to exploit the private sector for illicit gain. All countries, including China, should act responsibly in cyber-space.”
Ms Andrews described the hacking activity as a “significant data breach”, which enabled the systems affected to be externally controlled.
The attacks primarily took place in January this year, with the minister labelling them a “timely reminder” of the need for businesses and individuals to enhance their cyber security protections.
Ms Andrews said China had been publicly “called out” over their behaviour and denied there would be no consequence for their actions.
“They won’t get away with it scot-free,” she said. “There is significant reputational damage to China – they have been called out.”
In previous cases, Australia has avoided naming the countries responsible for cyber attacks, such as the breach against the Australian National University in late 2018.
Ms Andrews said the global support had played a role in Australia’s willingness to this time publicly out China as being behind the attack.
“Australia publicly attributes cyber-incident when is it’s in our interests to do so, especially those with the potential to undermine global economic growth, national security, and international stability,” she said.
Ms Andrews said the hacking activity primarily affected businesses and organisations rather than individuals.
A spokesperson for the Chinese Embassy in Washington, Liu Pengyu, called the accusations against China “irresponsible.”
“The Chinese government and relevant personnel never engage in cyber attacks or cyber theft,” Liu said in a statement.
British foreign minister Dominic Raab also described the cyber activity as “reckless”, but said it followed a “familiar pattern of behaviour”.
“The Chinese Government must end this systematic cyber sabotage and can expect to be held account if it does not,” he said in a statement.
Britain’s foreign office said the attack was “highly likely to enable large-scale espionage” and affected more than a quarter of a million servers worldwide.
It added Britain and its allies attributed the Chinese Ministry of State Security as being behind the hacking groups known by security experts as “APT40” and “APT31”.
US condemns ‘aggressive’ cyber attacks
The Biden administration also blamed China for the hack of Microsoft Exchange email server software.
A senior administration official said China’s Ministry of State Security has been using criminal contract hackers, who have engaged in cyber extortion schemes and theft for their own profit.
Even though the finger-pointing was not accompanied by any sanctions of China, a senior administration official who disclosed the actions to reporters said that the US has confronted senior Chinese officials and that the White House regards the multi-nation public shaming as sending an importance message.
That hackers affiliated with the Ministry of State Security carried out a ransomware attack was surprising and concerning to the US government, the senior administration official said.
But the attack, in which an unidentified American company received a high-dollar ransom demand, also gave US officials new insight into what the official said was “the kind of aggressive behavior that we’re seeing coming out of China.”
EU says attacks have had ‘significant effects’
The European Union also blamed China for what it said were malicious cyber activities with “significant effects” that targeted government institutions and political organisations in the EU and its 27 member states, as well as key European industries.
In a statement, the EU’s foreign policy chief Josep Borrell said the hacking was “conducted from the territory of China for the purpose of intellectual property theft and espionage.”
The majority of the most damaging and high-profile recent ransomware attacks have involved Russian criminal gangs.
Though the US has sometimes seen connections between Russian intelligence agencies and individual hackers, the use of criminal contract hackers by the Chinese government “to conduct unsanctioned cyber operations globally is distinct,” the official said.
The Microsoft Exchange hack was first identified in January and was rapidly attributed to Chinese cyber spies by private sector groups.
Additional reporting: Reuters