The administration made the announcement with a collection of allies and partners, including the European Union, the United Kingdom, Canada, Australia, New Zealand, Japan and NATO.
A Biden administration official announced this is the first time NATO has denounced China's cyber activities.
"No one action can change China's behavior in cyberspace and neither can just one country acting on its own," a senior administration official announced. "Our allies and partners are a tremendous source of strength and a unique American advantage, and our collective approach to cyber threat information sharing and defense."
The Microsoft Exchange hack was first identified in January and was attributed to Chinese cyberspies by private sector organizations. An administration official explained that the government’s attribution to hackers affiliated with China’s Ministry of State Security took until now somewhat because of the discovery of the ransomware and for-profit hacking operations and because the administration wanted to pair the announcement with direction for businesses regarding the methods that the Chinese have been practicing.
A Chinese Foreign Ministry spokesperson, asked about the Microsoft Exchange hack, beforehand told the Associated Press that China "firmly opposes and combats cyberattacks and cyber theft in all forms" and warned that attribution of cyberattacks should be based on proof and not "groundless accusations."
Though the Biden administration and allied countries further disclosed a broad range of other cyber-threats from Beijing, including ransomware attacks from government-affiliated hackers that have targeted companies with demands for millions of dollars.
An official announced the PRC's Ministry of State Security uses criminal contract hackers to convoy unsanctioned cyber operations globally, including for their own personal gain. The official explained that activities range from criminal activities, like cyber-enabled extortion, to crypto-jacking, and theft from sufferers around the world for financial profit.
In the meantime, a senior administration official explained that the National Security Agency, Cybersecurity and Infrastructure Security Agency, and the FBI, will expose over 50 tactics, techniques and procedures that Chinese state-sponsored cyber actors used when targeting U.S. and allied networks, along with advice for technical mitigations to confront this threat.
Biden administration officials announced they have raised concerns about the Microsoft incident and the PRC's "broader malicious cyber activities" with senior PRC government officials, saying they are "making clear" that their actions threaten "security, confidence and stability in cyberspace."
"The U.S. and our allies and partners are not ruling out further actions to hold the PRC accountable," a senior administration official said.