Earlier this year, the United States and other countries accused China of being the chief culprit of Microsoft Exchange hackers
The United States and its allies on Monday formally accused China of massive intrusion into Microsoft Exchange email server software, and accused Beijing of cooperating with criminal hackers in ransomware attacks and other cyber operations.
Although these announcements are not accompanied by sanctions on the Chinese government, their purpose is to strongly condemn part of the “irresponsible behavior pattern in cyberspace” referred to by senior officials in the Biden administration.
They highlighted the continuing threat from hackers from the Chinese government, even though the government is still working hard to contain ransomware attacks by Russian groups targeting critical infrastructure.
The widespread cyber threats from Beijing disclosed on Monday included ransomware attacks from government affiliated hackers that targeted victims — including in the United States and Canada — demanding millions of dollars. US officials stated that China’s Ministry of National Security has been using criminal contract hackers who engage in cyber extortion and theft for personal gain, the official said.
At the same time, the U.S. Department of Justice announced on Monday that it had filed charges against four Chinese citizens. Prosecutors said they were cooperating with the Department of National Security in hacking dozens of computer systems, including companies, universities, and government entities. The defendant was accused of stealing trade secrets and confidential business information.
The difference from April is that When public accusations of Russian hacking were combined with a series of sanctions against Moscow, The Biden administration did not announce any action against Beijing. Nonetheless, a senior government official who briefed reporters said that the United States has clashed with senior Chinese officials, and the White House regards the public humiliation of many countries as sending out an important message.
The European Union and the United Kingdom have also called on China. The EU stated that malicious cyber activities with “significant impact” targeting government agencies, political organizations and key industries in the 27 EU member states may be related to Chinese hacker organizations. The UK’s National Cyber ??Security Centre stated that the targets of these groups are the maritime industry and naval defense contractors in the United States and Europe, as well as the Finnish Parliament.
Watch | Canadians may be attacked by a large-scale Microsoft hack
In a statement, Josep Borrell, the head of EU foreign policy, stated that the hacking “was carried out in China with the purpose of stealing intellectual property rights and engaging in espionage activities.”
British Foreign Secretary Dominic Raab stated that “the Microsoft Exchange cyberattack initiated by a group supported by the Chinese government is a reckless but familiar pattern of behavior”.
NATO publicly condemned China’s hacking activities for the first time, calling on Beijing to abide by its international commitments and obligations, and “act responsibly in the international system, including cyberspace.” The alliance expressed its determination to “actively deter, defend and respond to a full range of cyber threats.”
The senior government official said that the involvement of hackers under the Ministry of National Security in ransomware is surprising and worries the US government. However, in this attack, an unidentified US company received a high ransom demand, which also gave US officials a new understanding of what the official said “we have seen aggression from China.”
Most of the most destructive and high-profile recent ransomware attacks involve Russian criminal groups. The official said that although the United States sometimes finds links between Russian intelligence agencies and individual hackers, it is quite different for the Chinese government to use criminal contract hackers to “perform unauthorized cyber operations on a global scale.”
A few months ago, Microsoft Exchange hackers hacked tens of thousands of computers around the world, and were quickly blamed on Chinese cyber espionage by private sector groups. A government official stated that the government has only now attributed the attack to hackers affiliated with China’s Ministry of National Security, partly because of the discovery of ransomware and for-profit hacking activities, and the government hopes to combine announcements with guidance. The strategy used by the enterprise.
A consulting report issued by the FBI, the National Security Agency, and the Cybersecurity and Infrastructure Security Agency on Monday listed specific technologies and methods that government agencies and companies can protect themselves.
A spokesperson for the Chinese Embassy in Washington did not immediately respond to an email seeking comment on Monday. However, a spokesperson for the Chinese Ministry of Foreign Affairs has previously shirked responsibility for the hacking of the Microsoft Exchange, saying that China “resolutely opposes and combats all forms of cyber attacks and cyber theft” and warned that the attribution of cyber attacks should be based on evidence, not “Unreasonable accusations.” “