US-based security company Cybereason accused hacking groups backed by China’s government of gaining control of a number of operators’ internal systems across Southeast Asia by taking advantage of security weaknesses in Microsoft’s Exchange servers.

The hacking effort ran from 2017 to Q1 2021, accessing phone records and location data from operators in the region, Cybereason reported in a blog. It stated the attackers’ goal was to gain and maintain continuous access to telecoms providers and enable cyberespionage by collecting sensitive information.

During an investigation, Cybereason identified three clusters of activity and showed significant connections to known groups, all suspected to be operating on behalf of the Chinese state.

It noted the same weaknesses in Microsoft Exchange security had recently been flagged by the US government in public criticism alleging attacks by China’s Ministry of State Security.

Responding to a question about the US rebuke at a regular press briefing last month, Chinese Foreign Ministry representative Zhao Lijian said the “US ganged up with its allies to make groundless accusations out of thin air against China on the cybersecurity issue. This act confuses right with wrong, and smears and suppresses China out of political purpose”.