The United States on Monday accused Beijing of being behind a massive cyber attack against US tech giant Microsoft and indicted four Chinese hackers, while Washington and its allies condemned China’s “malicious” cyber activity in concerted statements.
The March hack that compromised tens of thousands of Microsoft Exchange email servers around the world is part of a “pattern of irresponsible, disruptive and destabilizing behavior in cyberspace” by China, “posing a major threat for our economic and national security, ”said Secretary of State Antony Blinken.
China’s Ministry of State Security (MSS) “has fostered an ecosystem of criminal hackers who carry out state-sponsored activities and cybercrime for their own financial gain,” he added.
The US Department of Justice reported at the same time that four Chinese citizens, including “three MSS agents,” had been charged with hacking into the computers of dozens of companies, universities, and government agencies in the United States and abroad between 2011 and 2018.
In many countries, including Germany and Indonesia, the stolen data had to do with autonomous vehicles, chemical formulas or genetic chain technology, according to US prosecutors.
“The United States will impose consequences on China’s malicious cybercriminals for their irresponsible behavior in cyberspace,” said Blinken, pointing to the indictment.
President Joe Biden said the United States will complete an investigation before taking any countermeasures, and drew a parallel with the cybercrime that Western countries attribute to Russia.
“The Chinese government, like the Russian government, is not doing this (the cyberattacks) itself, but is protecting those who are doing it, and perhaps even allowing them to do it,” Biden told reporters. in the White House.
The Democratic president, like his Republican predecessor Donald Trump, has increased the pressure on China, regarding the rising Asian power as the main long-term threat to the United States.
In a step that the Biden administration called unprecedented, the United States coordinated its statement with its allies: the European Union (EU), the United Kingdom, Australia, Canada, New Zealand, Japan and NATO.
Although everyone chose their words carefully, this is the broadest condemnation yet of Chinese digital activities. However, there was no announcement of sanctions or retaliation, which, according to experts, limits its scope.
“The Chinese government must end its systematic cyber sabotage and must be held accountable if it does not do so,” emphasized British Foreign Minister Dominic Raab.
More cautiously, NATO issued a statement saying that it “took note” of the US, British and Canadian statements on China and expressed “solidarity”.
A US official said it is the first time that NATO, the military alliance founded in 1949 to confront the Soviet Union, has condemned China’s cyber activity. Last month NATO warned about the “systemic challenges” presented by Beijing.
The EU for its part urged the Chinese authorities “to take measures against malicious cyber activities carried out from their territory”, without directly blaming the Chinese government for the cyber attack against Microsoft.
The European bloc also denounced the activity of hackers, known as APT40 and APT31 (for “Advanced Persistent Threat”) who, it indicated, have carried out attacks from China “for the purpose of stealing intellectual property and espionage.”
“It’s good to see the breadth of international cooperation,” Frank Cilluffo, a cybersecurity specialist at Auburn University, told ..
But “we must ensure that there are consequences to induce changes in the behavior of the Chinese government,” he said.
A senior US official on condition of anonymity said Washington and its allies do not exclude “other actions” for China to fulfill its responsibilities.
The cyberattack against Microsoft, which exploited flaws in the Microsoft Exchange service, affected at least 30,000 US organizations, including local governments, as well as entities around the world.
The tech giant had already indicted a group of hackers linked to Beijing called “Hafnium.”
Known for stealing trade secrets, Chinese hackers may also be motivated by “personal gain,” said senior administration official Biden.
He spoke of extortion attempts and “million dollar ransom demands” directed at private companies by Chinese hackers.
Ransomware attacks, which involve encrypting a target’s data and demanding money in exchange for decryption, are also on the rise, and several large companies have recently been attacked in the United States.
American specialists attribute them to hackers in Russia.