The White House and its Western allies accused the Chinese government of cooperating with criminal groups to carry out a wide range of cyber attacks, including this year’s attack on Microsoft, which affected tens of thousands of organizations.
The allegations came when the U.S. Department of Justice released an indictment accusing four Chinese nationals under the Ministry of National Security of overseeing a separate activity from 2011 to 2018 to infiltrate companies and universities in the United States and overseas And government agencies.
US Secretary of State Anthony Brinken stated that China’s actions pose a “major threat” to the economy and national security. “Responsible countries will not indiscriminately endanger global cybersecurity, nor will they deliberately harbor cybercriminals-let alone sponsor or cooperate with them,” he added.
A senior government official stated that the United States “highly believes” that those who attacked MSS payroll have implemented it. Attack on Microsoft Exchange Email application disclosed in March. A cybersecurity researcher claimed that it attacked at least 30,000 organizations, including businesses and local governments. The White House did not specify which specific hacker groups or contractors were responsible for the attack.
The US move to condemn China on Monday was supported by an alliance of allies, including European and NATO allies, which have traditionally been wary of publicly criticizing Beijing. Diplomats hope that by exposing MSS’s connection with criminal hackers, they will persuade the Chinese government to cut ties with these groups. However, it is not clear what action will be taken if China does not comply.
The European Commission stated that the Microsoft Exchange hacking constituted “irresponsible and harmful behavior”, which brought security risks and “significant economic losses” to European government agencies and private companies.
NATO stated that it has noticed the increasing “complex, destructive and coercive” cyber threats facing the alliance and called on all countries “including China” to abide by their commitment to take responsible actions in cyberspace.
The UK stated for the first time on Monday that it believes that two Chinese hacker groups APT 40 and APT 31 are connected to China’s MSS.
British officials have been worried that China-supported cyber activities are becoming more and more reckless, and have privately raised objections to Beijing for the past three years, but to no avail. Using criminal gangs to conduct cyber espionage and intellectual property theft makes it easier for the Chinese government to deny their involvement in these activities-a problem that Western allies want to face now.
The joint operation marked a new front in Washington against the rising tide. Ransomware attackUntil now, this was mainly attributed to groups believed to be operating outside Russia.
At the same time, according to the indictment of the U.S. Department of Justice, four Chinese citizens targeted the aviation, defense, education, government, healthcare, and biopharmaceutical industries in the United States, Canada, Germany, Saudi Arabia, and the United Kingdom within 7 years. A hacker attack was carried out. .
It claims that hackers stole information about sensitive technologies, such as maintenance of self-driving cars and commercial aircraft, and research on infectious diseases related to Ebola, Middle East Respiratory Syndrome and HIV. This group was formerly known as APT 40, also known as “Bronze”.
The indictment lists three Chinese citizens—Ding Xiaoyang, Cheng Qingmin and Zhu Yunmin—as national security officials in Hainan Province, who allegedly set up a front company to conceal government involvement in hacking operations.
The fourth man, Wu Shurong, was accused of being a hacker. He allegedly created malicious software, invaded computer systems operated by foreign governments, companies and universities, and supervised other members of the hacker team.
Threats from cyber attacks Has spread During the pandemic, hackers took advantage of vulnerabilities exposed by employees working remotely.
The United States faces increasing pressure to act.President Joe Biden warned Russian President Vladimir Putin this month that Moscow will Face the consequences If it fails to take action against the ransomware attackers, these attackers will usually seize the company’s data or systems and demand payment to release it.
US officials also stated that they were “surprised” to discover that individuals associated with China’s MSS were behind the ransomware attacks, and hackers demanded millions of dollars from an unnamed US company.
U.S. Department of Justice charged In September last year, five Chinese citizens participated in a state support organization called APT41, which invaded more than 100 companies worldwide.