On 20 July, the Chinese Foreign Ministry refuted the Western countries' accusations that the PRC's Ministry of State Security is linked to a global cyber hacking campaign, saying that those accusations are unwarranted.
Foreign ministry spokesman Zhao Lijian noted the accusations were politically motivated smears and the Biden administration had not provided enough evidence. The ministry also urged the US and its allies to stop cyber espionage. Moreover, China will take measures needed to defend cybersecurity, the ministry added.
The NSA, CISA, and the FBI claimed that Chinese state-sponsored cyber actors have performed reconnaissance on Microsoft 365, used short-term VPS devices to scan and exploit vulnerable Microsoft Exchange Outlook Web Access and plant webshells and targeted hybrid cloud environments to gain access to cloud resources.
The US government and its allies also alleged that hackers affiliated with China’s Ministry of State Security (MSS) were involved in the cyberattacks on the Microsoft Exchange email software, which became vulnerable to hackers under a global wave of cyberattacks and data breaches earlier this year.
China has repeatedly dismissed Western allegations that it was behind certain cyberattacks, expressing its readiness to cooperate on cybersecurity matters.
China Lodges Representation With New Zealand Over Cyber Allegations
China has made a representation to New Zealand after the latter accused Beijing of sponsoring cyberattacks, the embassy in Wellington said on 20 July.
On 19 July, the New Zealand minister responsible for the Government Communications Security Bureau, Andrew Little, claimed evidence of China-sponsored cyberattacks in the country.
"The accusation from the New Zealand side is totally groundless and irresponsible. China expresses strong dissatisfaction and firm opposition and has already lodged solemn representation with the NZ government," the statement read.
The embassy urged New Zealand to "abandon the Cold War mentality" and consider the issue professionally and responsibly rather than "manipulating political issues under the pretext of cybersecurity and mudslinging at others."