OTTAWA – Canada joined the United States and other allies on Monday in blaming China for a massive cyber attack that compromised tens of thousands of computers around the world earlier this year.
The attack saw hackers exploit weaknesses in Microsoft Exchange email servers, and the federal government estimated that 400,000 servers were compromised before the online attack and server vulnerabilities were revealed in March.
“This activity put several thousand Canadian entities at risk, a risk that persists in some cases even when Microsoft patches have been applied,” Foreign Minister Marc Garneau, Public Safety Minister Bill, said in the statement. Blair, and Defense Minister Harjit Sajjan.
“Canada is confident that the Ministry of State Security (of China) is responsible for the widespread compromise of exchange servers.”
The ministers went on to allege that the attack was aimed at stealing intellectual property and personal information, saying that a particular group called Advanced Persistent Threat Group 40, which they say previously targeted Canada, was among several Chinese entities involved this time.
“APT 40 almost certainly consists of elements from the MSS regional office of the Hainan State Security Department,” they said.
“The cyber activities of this group focused on critical research in Canada’s defense, ocean technologies and biopharmaceutical sectors in independent malicious cyber campaigns in 2017 and 2018.”
The Canadian Center for Cyber Security has released information on how to mitigate the threats posed by ongoing vulnerabilities within Microsoft Exchange servers, the ministers added.
Canada joined the US, Britain, the European Union and NATO on Monday in accusing China of being behind the attacks, the latest round of public denunciations and humiliations by Western countries seeking to reject the dire online activity of foreign adversaries.
The ads, while not accompanied by sanctions against the Chinese government, were intended to strongly condemn activities that a senior US official described as part of a “pattern of irresponsible behavior in cyberspace.”
They highlighted the constant threat from Chinese government hackers, even as the administration remains consumed with trying to curb ransomware attacks by Russia-based unions that have targeted critical infrastructure.
Canada joins its allies in blaming #China for the widespread email #cyberattack. #CD
The UK’s National Cyber Security Center said the Chinese groups were targeting maritime industries and naval defense contractors in the United States, Europe and the Finnish parliament.
In a statement, the EU’s foreign policy chief, Josep Borrell, said that the piracy “was carried out from the territory of China for the purpose of stealing intellectual property and espionage.”
NATO, in its first public condemnation of China for its piracy activities, called on Beijing to respect its international commitments and obligations “and act responsibly in the international system, including cyberspace.”
The Microsoft Exchange hack that months ago compromised tens of thousands of computers around the world was quickly attributed to Chinese cyberspies by private sector groups.
A spokesman for the Chinese embassy in Washington did not immediately return an email seeking comment on Monday.
China had already deflected blame for the attack, and a Foreign Ministry spokesman said the country “strongly opposes and fights cyber attacks and cyber theft in all its forms,” while warning that attribution of cyber attacks must be based on evidence and not on “unfounded accusations”.
The latest round of allegations against China follows not only the attack on the Microsoft Exchange server, but also a series of high-profile ransomware-related incidents that have targeted public and private infrastructure and operations.
Canada’s cybersecurity agency also released a report last Friday outlining some of the threats foreign actors could pose during the upcoming federal elections, which Prime Minister Justin Trudeau is expected to call in the coming weeks.
The Communication Security Establishment report specifically blamed most of the online attacks and threats on democratic processes in Canada and other parts of the world since 2015 on China, as well as Russia and Iran.
And while Canada may have good defenses and not be a major target now, the CSE said that a growing number of actors have the tools, capacity, and understanding of this country’s political landscape to take action in the future “if they intend to strategic “.
This Canadian Press report was first published on July 19, 2021.
– With files from The Associated Press