July 19, 2021
Compromise & exploitation of the Microsoft Exchange server undermined the security and integrity of thousands of computers and #networks worldwide, including in the member states and EU institutions.
Activities can be linked to the hacker groups known as #APT40 & #APT31 and have been conducted from the territory of China for the purpose of intellectual property theft and espionage.
The #US has long been concerned about the People's Republic of China's (PRC) irresponsible & destabilizing behavior in cyberspace.
An unprecedented group of allies and partners - including the European Union, the #UK, and #NATO - are joining the U.S in exposing and criticizing the PRC's malicious cyber activities.
The PRC's pattern of irresponsible behavior in cyberspace is inconsistent with its stated objective of being seen as a responsible leader in the world. Today, countries around the world are making it clear that concerns regarding the PRC's malicious cyber activities is bringing them together to call out those activities, promote #network defense and #cybersecurity, and act to disrupt #threats to our #economies and #national #security.
Attributing with a high degree of confidence that malicious cyber actors affiliated with PRC's Ministry of State Security (MSS) conducted #cyber #espionage operations utilizing the zero-day vulnerabilities in #Microsoft #Exchange #Server disclosed in early March 2021.
We are aware that PRC government-affiliated cyber operators have conducted #ransomware operations against private #companies that have included ransom demands of millions of dollars. The PRC's unwillingness to address criminal activity by contract hackers harms governments, businesses, and critical infrastructure operators through billions of dollars in lost intellectual property, proprietary information, ransom payments, and mitigation efforts.