US and allies condemn China for massive cyberattack against Microsoft email servers
U.S. cyber officials, joined by many of the country's major allies,
blamed hackers with ties to the Chinese government for a massive cyberattack against the Microsoft Corporation's email servers
earlier this year.
In spring, a cyberattack against the Microsoft Exchange email server
hit over 30,000 American organizations and hundreds of thousands more groups around the world, rendering them even more vulnerable to cyber intrusion. Most of the victims were small businesses. Others included schools, hospitals, pharmacies and even local and city governments.
Both the
Federal Bureau of Investigation and the
National Security Agency said they have "high confidence" that the hackers were contracted by the Chinese
Ministry of State Security (MSS).
A senior official at the White House said that other hackers affiliated with the Chinese government were also responsible for a recent ransomware attack against an unnamed American corporation. (Related:
Another critical U.S. sector just paid a ransomware hacking collective … is our country under attack by China?)
In addition, the United States has indicted four Chinese citizens over a range of different hacking intrusions dating back a decade. These cyberattacks allegedly resulted in the theft of research and corporate secrets from universities and companies around the world.
Three of the four indicted Chinese nationals were described as officers of the MSS, while the fourth was said to be employed with a Chinese front company that aids the MSS in its cyberattacks.
"The United States and countries around the world are holding the People's Republic of China accountable for its pattern of irresponsible, disruptive and destabilizing behavior in cyberspace, which poses a major threat to our economic and national security," said Secretary of State Anthony Blinken on Monday, July 19.
Blinken added that the MSS had "fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain."
U.S. and allies teaming up to confront global threat of Chinese cyberattacks
The U.S. was joined by some of its major global allies in calling out the Chinese government's penchant for sponsoring cyberattacks. These allies included the United Kingdom, New Zealand, Japan, Canada, Australia, the European Union and the
North Atlantic Treaty Organization.
Biden administration officials said this joint statement with the country's allies is the largest collective condemnation of China's state-sponsored illicit cyber activities.
The statements of the different nations varied but were united in calling out China for sponsoring cyberattacks, including those targetting intellectual property.
The White House added that this will hopefully act as a signal to China that any future illicit cyber activities will prompt the countries that condemned it to unite to protect their networks.
This is already happening, as the nations that joined the U.S. have pledged to share more intelligence on cyber threats and to collaborate on network defenses and security.
While the U.S. and its allies have promised to cooperate against future attacks, their statements did not mention any new punitive measures against China, such as new sanctions or diplomatic expulsions. But an official in the White House said it is "not ruling out further actions" to hold Beijing accountable.
This stands in stark contrast with how Biden recently punished Russia for alleged malicious cyber activity. The discrepancy has earned the White House strong criticism from cybersecurity experts.
Dmitri Alperovitch, chairman of a Washington, D.C.-based cybersecurity think tank, said the lack of concrete actions against China "looks like a double standard compared with actions against Russian actors."
"We treat China with kid gloves," said Alperovitch.
Learn more about the threats posed by Chinese cyberattacks to the country's national security by reading the latest articles at
NationalSecurity.news.
Sources include:
Yahoo.com
WSJ.com
CNBC.com