UK holds China responsible for ‘pervasive pattern of hacking’

The UK is joining likeminded partners to confirm that Chinese state-backed actors were responsible for gaining access to computer networks around the world via Microsoft Exchange servers.

The attacks, which took place in early 2021, affected over a quarter of a million servers worldwide. The attack was highly likely to enable large-scale espionage, including acquiring personally identifiable information and intellectual property.

At the time of the attack, the UK quickly provided advice and recommended actions to those affected and Microsoft said that by end of March that 92 per cent of customers had patched against the vulnerability.

The UK is also attributing the Chinese Ministry of State Security as being behind activity known by cyber security experts as ‘APT40’ and ‘APT31’. According to the Foreign Office, the Chinese government has ignored repeated calls to end its reckless campaign, instead allowing its state-backed actors to increase the scale of their attacks and act recklessly when caught.

The UK is calling on China to reaffirm the commitment made to the UK in 2015 and as part of the G20 not to conduct or support cyber-enabled theft of intellectual property of trade secrets.

Foreign Secretary Dominic Raab said: “The cyber attack on Microsoft Exchange Server by Chinese state-backed groups was a reckless but familiar pattern of behaviour. The Chinese Government must end this systematic cyber sabotage and can expect to be held account if it does not.”