Canada joins allies blaming Chinese-backed groups for Microsoft email attack
By Sarah Turnbull
Click here for updates on this story
OTTAWA (CTV Network) — The federal government is blaming Chinese state-sponsored cyber activity for a recent “unprecedented and indiscriminate exploitation” of Microsoft exchange servers, in an attack they say continues to put Canadians’ intellectual property and personal information at risk.
In a joint statement issued Monday, Foreign Affairs Minister Marc Garneau, Defence Minister Harjit Sajjan, and Public Safety Minister Bill Blair said Canada is “confident” that China’s Ministry of State Security (MSS) was behind the recent Microsoft Exchange Server hack.
“Canada believes it is highly likely that this cyber activity was intended to gain access to networks worldwide for the theft of intellectual property and to acquire vast quantities of personally identifiable information,” the statement reads.
While Microsoft addressed vulnerabilities in its exchange servers in early March, the statement warns the risk “persists in some cases even when patches from Microsoft have been applied.”
On Monday, the Biden administration issued a statement pointing blame at China, stating that it would hold the country “accountable for its pattern of irresponsible, disruptive, and destabilising behaviour in cyberspace, which poses a major threat to our economic and national security.”
Meanwhile, the U.S. Justice Department announced charges against four Chinese nationals who prosecutors said were working with the MSS in a hacking campaign that targeted dozens of computer systems, including companies, universities and government entities.
The European Union and Britain also issued similar statements Monday. The EU said malicious cyber activities with “significant effects” that targeted government institutions, political organizations and key industries in the bloc’s 27 member states could be linked to Chinese hacking groups. The U.K.’s National Cyber Security Centre said the groups targeted maritime industries and naval defence contractors in the U.S. and Europe, as well as the Finnish parliament.
The North Atlantic Treaty Organization weighed in too, underlining its member objectives to “act responsibly” in the international system including cyberspace.
“Reaffirming NATO’s defensive mandate, the Alliance is determined to employ the full range of capabilities, as applicable, at all times to actively deter, defend against, and counter the full spectrum of cyber threats, in accordance with international law. NATO will continue to adapt to the evolving cyber threat landscape, which is affected by both state and non-state actors, including state-sponsored,” a statement reads.
The Canadian statement notes that the hacker group it believes responsible for the Microsoft attack is also linked to separate cyber campaigns, in 2017 and 2018, that targeted defence, ocean technologies, and biopharmaceutical sectors.
“Canada remains committed to working with partners to support the open, reliable and secure use of cyberspace and calls on China to act responsibly and cease this pattern of irresponsible and harmful cyberspace behaviour. These kinds of reckless actions cannot be accepted and tolerated by responsible state-actors,” the statement reads.
The Canadian Centre for Cyber Security has also released information about the Microsoft Exchange Server attack and guidance to prevent exploitation.
With files from The Associated Press.
Please note: This content carries a strict local market embargo. If you share the same market as the contributor of this article, you may not use it on any platform.
Sonja Puzicctvnews.caproducers@bellmedia.ca