The Council of the European Union called on China on Monday to take action against malicious cyberactivities undertaken from its territory and affecting the EU economy and security, citing the exploitation of the Microsoft Exchange server that undermined “thousands of computers and networks worldwide” as an example.
According to the EU declaration, the compromise of the server “resulted in security risks and significant economic loss for our government institutions and private companies, and has shown significant spill-over and systemic effects for our security, economy and society at large.”
The declaration also mentioned malicious cyberactivities, linked to Advanced Persistent Threat 40 and Advanced Persistent Threat 31 hacker groups and conducted from the Chinese territory.
“The EU and its Member States strongly denounce these malicious cyber activities, which are undertaken in contradiction with the norms of responsible state behavior as endorsed by all UN Member States. We continue to urge the Chinese authorities to adhere to these norms and not allow its territory to be used for malicious cyber activities, and take all appropriate measures and reasonably available and feasible steps to detect, investigate and address the situation,” the council said.
The Council of the EU pledged to continue to work on the establishment of a program of action under the UN auspices to support responsible state behavior in cyberspace.