In a rare evening press release, Australia has joined several international partners accusing Chinese state security officials of responsibility for malicious cyber activities.
Soon after 9pm (EST) on Monday 19 July, the Australian Government issued a coordinated statement alongside NATO, the European Union, UK, USA, Canada, New Zealand and Japan.
It confirms Australia has determined that China's Ministry of State Security (MSS) is responsible for recent attacks on Microsoft Exchange software, and expresses “serious concerns” about reports “from our international partners” of further malicious activity.
Microsoft had already issued a statement, on March 2, asserting that attack, by a group named ‘Hafnium’, had originated in China:
“Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM, a group assessed to be state-sponsored and operating out of China, based on observed victimology, tactics and procedures.”
Other countries and organisations issued more strident statements overnight, providing more information.
NATO reaffirmed its defensive mandate, confirming “the Alliance is determined to employ the full range of capabilities, as applicable, at all times to actively deter, defend against, and counter the full spectrum of cyber threats, in accordance with international law.”
The White House alleges “hackers with a history of working for the PRC Ministry of State Security (MSS) have engaged in ransomware attacks, cyber enabled extortion, crypto-jacking, and rank theft from victims around the world, all for financial gain.”
In addition, the US Department of Justice levelled criminal charges against four Chinese government hackers, for a “multiyear campaign targeting foreign governments and entities in key sectors, including maritime, aviation, defence, education, and healthcare in a least a dozen countries.”
The UK asserts that “widespread, credible evidence demonstrates that sustained, irresponsible cyber activity emanating from China continues;” and that “the Chinese government has ignored repeated calls to end its reckless campaign, instead allowing its state-backed actors to increase the scale of their attacks and act recklessly when caught.”
The European Union “and its member states strongly denounce these malicious cyber activities,” but does not make specific allegations against Chinese state actors, simply urging Beijing to take actions “against malicious cyber activity being conducted from within its territory.”
The Australian statement was jointly issued by Minister for Foreign Affairs Marise Payne, Minister for Home Affairs Karen Andrews, and Minister for Defence Peter Dutton.