The Foreign Secretary said the UK and allies including the United States had identified state-backed groups responsible for hacks on computer networks around the world.
The onslaught took place in early 2021, affecting more than a quarter of a million servers worldwide.
Joe Biden’s White House directly accused China of being behind it today, accusing it of acting for financial gain.
Beijing is using ‘criminal contract hackers to conduct unsanctioned cyber operations globally, including to their own personal profit,’ a senior administration official told reporters on a briefing call last night.
The EU Australia, Canada, New Zealand, Japan, and NATO also joined in the condemnation of Beijing as cyber hacks surge around the world.
Mr Raab said: ‘The cyber attack on Microsoft Exchange Server by Chinese state-backed groups was a reckless but familiar pattern of behaviour.
‘The Chinese Government must end this systematic cyber sabotage and can expect to be held to account if it does not.’
Dominic Raab today demanded China stops its ‘systematic cyber sabotage’ as state-backed groups were blamed for Microsoft Exchange attacks
The Foreign Secretary said the UK and allies had identified those responsible for the attempts to gain access to computer networks around the world
The Joe Biden administration led a worldwide condemnation of China for state-sponsored ransomware attacks
The US accused China of hiring contract cyber hackers for financial gain; above Chinese President Xi Jinping speaks on the 100th anniversary of the founding of the Communist Party of China
Warnings were issued by authorities in the US and Europe in March about weaknesses found in Microsoft’s Exchange software, and the tech giant issued a patch to close the vulnerability.
The loopholes being exploited allowed an attacker to take over any reachable Exchange server, without the need to know any valid account credentials, making internet-connected Exchange servers especially vulnerable.
One such attack was said to be on the Norwegian Parliament.
The security holes in mail and calendars systems were thought to have been used by at least ten different hacking groups are involved, according to cyber-security firm ESET.
The hackers were believed to have installed malware to open backdoors to email systems, allowing them to read emails or see contacts within that organisation with ease.
A group known as Hafnium is believed to have compromised Microsoft Exchange, allowing it further access into the IT networks of victims, with at least 30,000 organisations around the world confirmed to have been hit.
Officials said the National Cyber Security Centre (NCSC) is ‘almost certain’ that the compromise was initiated and exploited by a Chinese state-backed actor and it is ‘highly likely’ that Hafnium is associated with the Chinese state.
NCSC director of operations Paul Chichester said: ‘The attack on Microsoft Exchange servers is another serious example of a malicious act by Chinese state-backed actors in cyberspace.
‘This kind of behaviour is completely unacceptable, and alongside our partners we will not hesitate to call it out when we see it.’
The UK is also attributing the Chinese ministry of state security (MSS) as being behind activity known by cyber security experts as ‘APT40’ and ‘APT31’.
The APT40 group has been blamed for activities including targeting maritime industries and naval defence contractors.
APT31 has been accused of targeting government entities, including the Finnish parliament, and political figures.
Cybersecurity experts claimed in March that at least 10 hacking groups used a flaw in Microsoft’s email software to break in to targets around the world
ESET found exploits on 5,000 servers in 115 countries – with the majority in the US, UK and Germany, as seen by the darker areas of this graph denoting the percentage of exploits found
The European Union joined the UK in blaming the attacks on hackers based in China, although it did not explicitly link them to the Chinese state.
EU high representative Josep Borrell said: ‘The compromise and exploitation of the Microsoft Exchange server undermined the security and integrity of thousands of computers and networks worldwide, including in the member states and EU institutions.
‘It allowed access to a significant number of hackers that have continued to exploit the compromise to date.
‘This irresponsible and harmful behaviour resulted in security risks and significant economic loss for our government institutions and private companies, and has shown significant spill-over and systemic effects for our security, economy and society at large.’
A Nato statement said the alliance ‘is determined to employ the full range of capabilities, as applicable, at all times to actively deter, defend against and counter the full spectrum of cyber threats, in accordance with international law’.
Microsoft’s corporate vice president Tom Burt said: ‘Attributions like these will help the international community ensure those behind indiscriminate attacks are held accountable.
‘Governments involved in this attribution have taken an important and positive step that will contribute to our collective security.
‘Transparency is critical if we’re to combat the rising cyberattacks we see across the planet against individuals, organisations and nations.’.