America, Australia, the European Union, United Kingdom, North Atlantic Treaty Organization, and other countries publicly criticized the Chinese Communist Party (CCP).
U.S. allies joined in blaming the CCP for orchestrating a major cyberattack on Microsoft and other breaches.
“[China’s] Ministry of State Security (MSS) has fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain,” Secretary of State Antony Blinken said in a statement.
The secretary revealed the attacks in January affected at least 30,000 organizations around the world, including defense contractors and think tanks.
“Cyber actors affiliated with the MSS exploited vulnerabilities in Microsoft Exchange Server in a massive cyber espionage operation that indiscriminately compromised thousands of computers and networks, mostly belonging to private sector victims,” he said.
The U.S. Department of Justice has already indicted three MSS officers and one of their “contract hackers.”
“These contract hackers cost governments and businesses billions of dollars in stolen intellectual property, ransom payments, and cybersecurity mitigation efforts, all while the MSS had them on its payroll,” Blinken said. “The United States will impose consequences on PRC malicious cyber actors for their irresponsible behavior in cyberspace.”
However, the CCP quickly rejected the allegations. It accused the United States and allies of overstepping boundaries the regime considers to be fair and acceptable.
“The United States ganged up with its allies to make groundless accusations out of thin air against China on the cyber security issue,” Chinese Foreign Ministry spokesman Zhao Lijian said in a statement. “This act confuses right with wrong, and smears and suppresses China out of political purpose. China will never accept this.”
Zhao promptly concluded the allegations were based on “hearsay evidence” without conducting a thorough investigation.
President Joe Biden said the CCP may not have carried out the attacks directly but it was certainly aware of their actors’s activities. He supported Microsoft’s theory that Chinese cyber-espionage group Hafnium was responsible for the breach.
Microsoft’s Threat Intelligence Centre claims the responsible group is state-sponsored and operates outside of China.
However, the Democrats did not say exactly how they would make the CCP pay for its alleged “malicious” cyber attacks.
“The United States and countries around the world are holding the People’s Republic of China (CCP) accountable for its pattern of irresponsible, disruptive, and destabilizing behavior in cyberspace, which poses a major threat to our economic and national security,” Blinken said.