(Ottawa) Canada joins the United States and other allies in blaming China for the massive cyber attack that compromised tens of thousands of computers around the world earlier this year.
The hackers exploited vulnerabilities in Microsoft’s Exchange mail servers, and the federal government estimates that about 400,000 servers worldwide were compromised before the online attack and server vulnerabilities came to light in March.
“The move has put thousands of Canadian companies at risk, and in some cases continues, even if Microsoft has taken the right steps,” Foreign Minister Mark Carnegio, Public Defense Minister Bill Blair and Defense Minister Harjit Sajjan said in a joint statement on Monday. “Canada firmly believes that the Ministry [chinois] State Security (MSE) is responsible for the widespread compromise of Microsoft Exchange servers. ”
Ministers say the attack was aimed at stealing intellectual property and gaining “a lot of information” and that a group already targeting Canada, ABD40, was one of several Chinese companies involved at the time. This.
However, the Canadian government argues that “ABD 40 is, of course, made up of elements of the MSE’s regional office of Hainan’s National Security Service.” “The group’s Internet activities targeted critical research in 2017 and 2018 on critical malicious cyber campaigns in the Canadian defense, maritime technologies and biopharmaceutical sectors.”
Ministers say the Canadian Cyber Security Center has issued a consultation to mitigate the ongoing threat posed by Microsoft Exchange server vulnerabilities.
Canada, the United States, Britain, the European Union (EU) and NATO joined forces on Monday to accuse China of being behind the cyber attacks. This is Beijing’s most recent public condemnation of Western countries seeking to repel the vicious online activities of foreign adversaries.
While these announcements are not accompanied by sanctions against the Chinese government, they are aimed at strongly condemning the actions described by a senior U.S. official as part of “irresponsible behavior in cyberspace.” They cited the persistent threat posed by Chinese government hackers, despite attempts by governments to prevent ransomware attacks from Russia targeting critical infrastructure.
Beijing denies any liability
A spokesman for the Chinese embassy in Washington did not immediately respond to a request for comment on Monday.
In the past, Beijing has always refused to engage in cyber attacks. A Foreign Ministry spokesman responded that China “strongly opposes and fights cyber-attacks and thefts in all their forms,” while warning that the cause of cyber-attacks should be based on evidence, not “baseless allegations”.
The latest round of allegations against China follows not only the attack on the Microsoft Exchange server, but also several high-profile ransomware incidents targeting public and private infrastructure and operations.
The Canadian Internet Security Agency released a statement last Friday outlining some of the threats that foreign actors could pose to the upcoming federal election campaign, which Prime Minister Justin Trudeau is likely to unleash in the coming weeks.
The Communications Security Agency (CST) report states that China, Russia and Iran have been responsible for online attacks and threats against democratic processes in Canada and other parts of the world since 2015.
Although Canada may have good defenses and is not currently a major target, CSE believes that emerging actors have the tools, ability and understanding to take action on the political landscape of this country. The future is “objective if they are motivated by a strategy”.
With the Associated Press