US, allies accuse China of global cyber-hacking campaign

WASHINGTON, July 19 (Reuters) – The United States and a coalition of allies on Monday accused China of a global cyber-hacking campaign that employed contract hackers, specifically attributing a large Microsoft attack that was disclosed earlier this week. years to actors working on behalf of Beijing.

Opening a new area of ​​tension with China, the United States is joined by NATO, the European Union, Britain, Australia, Japan, New Zealand and Canada in leveling the allegations.

“The United States and countries around the world hold the People’s Republic of China responsible for its irresponsible, disruptive and destabilizing behavior in cyberspace, which poses a major threat to our economic and national security,” said Secretary of US State Anthony Blinken. said Monday in a statement.

Also on Monday, the US Department of Justice said four Chinese nationals – three security officials and a hacker – had been charged in connection with a global hacking campaign targeting dozens of businesses, universities and government agencies in the United States and abroad. The activities took place between 2011 and 2018 and focused on information that would significantly benefit Chinese businesses and enterprises, he said. Read more

The opening of a new front in governments’ war on piracy comes a month after G7 and NATO leaders agreed with President Joe Biden at summits in Cornwall, England and in Brussels to accuse China of posing systemic challenges to the world order.

Governments have officially attributed the intrusions into the Microsoft Exchange server that came to light in March to “cyber actors affiliated” with China’s State Security Ministry Blinken.

Governments have officially attributed the intrusions exploiting Microsoft Exchange server vulnerabilities that were disclosed in March to “cyber actors affiliated with” China’s State Security Ministry, Blinken said.

The Chinese Embassy in Washington did not immediately respond to a request for comment. Chinese officials have previously said that China is also a victim of hackers and opposes all forms of cyberattacks.

US officials said they were surprised at the extent and scale of the hacking attributed to China, as well as China’s use of “criminal hackers.”

“The PRC’s Ministry of State Security (MSS) has fostered an ecosystem of criminal hackers who carry out both state sponsored activities and cybercrime for their own financial gain,” Blinken said.

US security and intelligence agencies will showcase more than 50 techniques and procedures that “Chinese state-sponsored actors” use to target US networks, a senior administration official said.

Chinese state-sponsored cyber actors routinely scan target networks for critical and elevated vulnerabilities within days of public disclosure of the vulnerability, according to the 31-page U.S. cybersecurity advisory viewed by Reuters.

In recent months, the United States has focused its attention on Russia by accusing Russian cyber hackers of a series of ransomware attacks in the United States. Read more

In Monday’s announcement, US officials officially blamed the Chinese government “with great confidence” for the hack that hit US businesses and government agencies using a Microsoft messaging service. Microsoft (MSFT.O) has previously accused China of responsibility. Read more

The operation specifically exploited weaknesses in Microsoft’s exchange program, a common email software package. Cyber ​​security experts were shocked by the scale and volume of the incident, totaling thousands of potential American victims.

Senior administration official Biden said U.S. concerns over Chinese cyber activities have been raised with senior Chinese officials. “We are not ruling out other measures to hold the PRC to account,” the official said.

The United States and China are already at loggerheads over trade, the strengthening of the Chinese military, the crackdown on democracy activists in Hong Kong, the treatment of Uyghurs in the Xinjiang region and the aggression in the South China Sea.

The Biden administration issued a notice on Friday warning U.S. companies of the risks to their operations and businesses in Hong Kong after China imposed a new national security law last year.

Blinken cited the Justice Department’s indictment against the three Chinese security officers and a hacker as an example of how the United States will impose consequences.

The defendants and officials from the Hainan State Security Department, a regional state security office, tried to hide the Chinese government’s role in information theft using a shell company, according to the report. the indictment, which was handed down in May and unsealed on Friday.

The campaign targeted trade secrets in sectors such as aviation, defense, education, government, healthcare, biopharmaceutical and maritime industries, according to the Justice Department statement.

The victims were in Austria, Cambodia, Canada, Germany, Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland, the United Kingdom and the United States.

“These criminal charges underscore once again that China continues to use cyber attacks to steal what other countries are doing, in blatant disregard of its bilateral and multilateral commitments,” said the United States Deputy Attorney General, Lisa Monaco, in the press release.

Reporting by Steve Holland, David Shepardson, Doina Chiacu and Lisa Lambert; Editing by Lincoln Feast and Chizu Nomiyama

Our Standards: The Thomson Reuters Trust Principles.