The EU and its Member States denounced on Monday 19 July the “malicious cyber activities” attributed to China, “which have had a significant impact on our economy, security, democracy, and society as a whole”, said a statement by the High Representative of the Union for Foreign Affairs and Security Policy, Josep Borrell, issued on behalf of the EU-27.
“The EU and its Member States believe that these malicious cyber activities were conducted from the territory of China”, the statement said.
“The compromising and exploitation of the Microsoft Exchange server has affected the security and integrity of thousands of computers and networks worldwide, including in EU Member States and institutions.”
It also provided access to “a significant number of hackers, who have continued to exploit the compromise to this day”.
The Commission declined to give details of the attacks, which may be “linked to the hacker groups known as Advanced Persistent Threat 40 and Advanced Persistent Threat 31 and were carried out from the territory of China for the purpose of intellectual property theft and espionage”, the High Representative confirmed.
Several international partners, such as the UK, issued a similar statement on 19 July or were preparing to do so, according to Reuters, as did the US. (Original version in French by Solenn Paulic)