Australia has joined a chorus of international democracies condemning state sanctioned Chinese hacking, attributing last year’s Microsoft Exchange hack to the Chinese government.
In a joint statement by Minister for Foreign Affairs Marise Payne, Minister for Defence Peter Dutton and Minister for Home Affairs Karen Andrews, the Australian government outlined that such activities have deteriorated global peace and stability.
Sources have determined that last year's Microsoft Exchange hack had infected between 60,000 to 250,000 computers, although the full extent of the downstream infections may never be known.
“In consultation with our partners, the Australian Government has determined that China's Ministry of State Security exploited vulnerabilities in the Microsoft Exchange software to affect thousands of computers and networks worldwide, including in Australia. These actions have undermined international stability and security by opening the door to a range of other actors, including cybercriminals, who continue to exploit this vulnerability for illicit gain,” the joint statement read.
“The Australian Government is also seriously concerned about reports from our international partners that China's Ministry of State Security is engaging contract hackers who have carried out cyber-enabled intellectual property theft for personal gain and to provide commercial advantage to the Chinese Government.”
Australia has stood with the US, UK, the European Union, New Zealand, Canada and NATO in addressing the Chinese government sanctioned cyber attacks.
US Secretary of State Anthony Blinken suggested that the Chinese government has been working intimately with cyber criminals.
"The [People's Republic of China's] Ministry of State Security has fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cyber crime for their own financial gain," he said.
"Responsible states do not indiscriminately compromise global network security nor knowingly harbor cyber criminals – let alone sponsor or collaborate with them."
The condemnation comes after Australia and 30 other nations held Russia responsible for the SolarWinds hack.
The statement reassured Australians that the country's cyber security is strong, although continued vigilance in the industry.
"Australia's cyber security posture is strong, but there is no room for complacency given the online threat environment is constantly evolving. Protecting Australia from malicious cyber activity – be it by state actors or cyber criminals – requires a continuous improvement approach to cyber security practices across all levels of society including government, business and households," it said.
More to follow.