facebook linkedin twitter

US, Allies Accuse China of Backing Cyber Attacks Worldwide

July 19, 2021 by Dan McCue
In this Jan. 28, 2020, file photo, a Microsoft computer is among items displayed at a Microsoft store in suburban Boston. The Biden administration on Monday, July 19, 2021, blamed China for a hack of Microsoft Exchange email server software that compromised tens of thousands of computers around the world earlier in the year. (AP Photo/Steven Senne)

The United States, NATO and several allies collectively called out China on Monday for a series of malicious cyber- and ransomware attacks, including a March attack that exploited a flaw in Microsoft’s Exchange Server.

Monday’s announcement, which followed a conference call with White House reporters Sunday night, marks the first time NATO, a military alliance formed to confront the threat posed by the former Soviet Union, has formally condemned China for its allegedly malicious cyber activities.

According to the U.S. and its allies, China’s Ministry of State Security is using contract hackers to conduct the attacks, many of which are being done for profit, including via ransomware.

The March attack using the Exchange flaw crippled tens of thousands of computers around the world.

“We’ve raised our concerns about both the Microsoft incident and the [China’s] broader malicious cyber activity with senior [Chinese] government officials, making clear that these actions threaten security, confidence, and stability in cyberspace,” a senior White House official said Sunday night. 

As part of Monday’s announcement, the Justice Department unveiled criminal charges against four Ministry of State Security hackers for a “multiyear campaign targeting foreign governments and entities in key sectors, including maritime, aviation, defense, education, and health care in a least a dozen countries.”

Microsoft had previously said it believed a hacking group known as HAFNIUM, a Chinese-state sponsored hacking group, was exploiting the vulnerabilities in the program. 

U.S. officials had said they were working to attribute the hack, which was first detected in March. Hackers used zero-day exploits to attack versions of Microsoft’s Exchange Server application and hack into victims’ email accounts.

The White House official attributed the delay between the March event and today’s announcement to the desire to definitively nail down who the bad actors were and to coordinate a response — “a collective defense partnership,” with global partners.

“[China’s] pattern of irresponsible behavior in cyberspace is inconsistent with its stated objective of being seen as a responsible leader in the world,” the official said. 

“Countries around the world are making it clear that concerns regarding the PRC’s malicious cyber activity is bringing them together to call out this activity, promote network defense and cybersecurity, and act to disrupt threats to our economies and national security,” the official added.

Despite its concern over China’s alleged cyber activities, the White House official said the U.S. is holding off taking specific actions to punish the Chinese government, but  leaving the door open to taking action in the future.

“The U.S. and our allies and partners are not ruling out further actions to hold [China] accountable,” the official said. “We are putting forward a common cyber approach with our allies and laying down clear expectations on how responsible nations behave in cyberspace.”

Cybercrime

November 13, 2021
by Victoria Turner
US Cyber Attack Defenses Assessed at Forum

WASHINGTON — The U.S. is at risk of creating a two-silo cybersecurity strategy impeding its ability to adequately address ever-evolving... Read More

WASHINGTON — The U.S. is at risk of creating a two-silo cybersecurity strategy impeding its ability to adequately address ever-evolving cyber threats from bad actors overseas, a former assistant secretary of defense said Friday. Speaking at an American Enterprise Institute event, Paul Stockton, who is now... Read More

November 9, 2021
by Dan McCue
SolarWinds Sued By Shareholders Over Epic 2020 Data Breach

GEORGETOWN, Del. — Shareholders are suing software provider SolarWinds Corp. in the Delaware Court of Chancery claiming the company directors... Read More

GEORGETOWN, Del. — Shareholders are suing software provider SolarWinds Corp. in the Delaware Court of Chancery claiming the company directors should have known of, and yet did nothing to mitigate, the risk of the massive data breach that took place in 2020. The plaintiffs, led by... Read More

November 2, 2021
by Tom Ramstack
Senate Hears how Criminals Infiltrate Online Sales with Stolen or Fake Goods

WASHINGTON — While toy makers warn Christmas shoppers to beware counterfeit or stolen toys in online purchases, a Senate panel... Read More

WASHINGTON — While toy makers warn Christmas shoppers to beware counterfeit or stolen toys in online purchases, a Senate panel on Tuesday examined options for stopping them. The Senate Judiciary Committee also heard about how knockoff online sales are moving from small-time illegal enterprises to organized... Read More

October 26, 2021
by Tom Ramstack
Bigger Government Role Expected to Protect Industry From Hackers

WASHINGTON — Large-scale cyberattacks continued this week in the United States and abroad as computer security experts told a congressional... Read More

WASHINGTON — Large-scale cyberattacks continued this week in the United States and abroad as computer security experts told a congressional panel Tuesday that more government intervention is needed. On Monday, Microsoft announced that Russia-backed hackers were trying to steal information technology to disrupt the global supply... Read More

October 26, 2021
by Tom Ramstack
Microsoft Says Russian Hackers Again Target Global Supply Chain

WASHINGTON — Microsoft announced Monday that the same hackers who tapped into U.S. government computers in the 2020 SolarWinds cyberattack... Read More

WASHINGTON — Microsoft announced Monday that the same hackers who tapped into U.S. government computers in the 2020 SolarWinds cyberattack continue to attack the global supply chain but with a slightly revamped strategy. This time, the Russia-backed group Microsoft calls Nobelium is piggybacking onto the software... Read More

October 22, 2021
by Reece Nations
Commerce Department Tightens Export Controls on Cybersecurity Items

WASHINGTON — The Department of Commerce’s Bureau of Industry and Security announced on Wednesday it would institute new export controls... Read More

WASHINGTON — The Department of Commerce’s Bureau of Industry and Security announced on Wednesday it would institute new export controls over cybersecurity items such as cyber intrusion software that can be used maliciously. The department’s new policy also creates a new license exception for authorized cybersecurity... Read More

News From The Well
scroll top