According to the White House, China has been teaming up with criminals in order to attack American cyber-assets. The Financial Times reports:
The White House has accused the Chinese government of teaming up with criminal gangs to commit widespread cyber attacks, including one on Microsoft this year that affected tens of thousands of organisations.
The accusation came as the US Justice department unsealed an indictment alleging that four Chinese nationals affiliated with the Ministry of State Security had overseen a separate campaign to hack companies, universities and government entities in the US and overseas between 2011 and 2018.
A senior administration official said: “[China’s] MSS — Ministry of State Security — uses criminal contract hackers to conduct unsanctioned cyber operations globally, including for their own personal profit.
“Their operations include criminal activities, such as cyber-enabled extortion, crypto-jacking and theft from victims around the world for financial gain.”
The official added that the US had a “high degree of confidence” that attackers on the MSS payroll had carried out the offensive on Microsoft’s Exchange email application, which was disclosed in March. One cyber security researcher claimed it hit at least 30,000 organisations, including businesses and local governments. The White House did not state which particular group of hackers or contractors were responsible for the attacks.
The US move to condemn China on Monday was supported by a coalition of allies, including the EU, UK, Australia, Canada, New Zealand, Japan and Nato.
The European Council said that the Microsoft Exchange hack constituted “irresponsible and harmful behaviour” which had resulted in security risks and “significant economic loss” for government institutions and private companies across Europe.
Nato said it noted that cyber threats to the alliance were increasingly “complex, destructive and coercive”, and called on all states, “including China” to uphold their commitments to act responsibly in cyber space.
The UK, which has previously been more reticent than the US in calling out hostile activity by China, said for the first time on Monday that it considers two Chinese hacking groups, APT 40 and APT 31, to be linked to China’s MSS.
British officials have been concerned by the increasing recklessness of Chinese-backed cyber activity, and have been raising their objections privately with Beijing for the past three years, to no effect.
The joint action marked a new front in Washington’s battle against the rising tide of ransomware attacks, which have largely been blamed until now on gangs believed to be operating out of Russia.
Read more here.