US accuses China of hacking Microsoft Exchange

The government of The United States accused China of the cyberattack on the Microsoft Exchange mail server on Monday that has compromised tens of thousands of computers around the world this year.

The government and several allied countries have also issued a long list of cyber threats attributed to the Beijing regime, such as ransomware attacks by government-associated hackers who attacked companies to demand ransoms from millionaires.

the China’s State Security Ministry Turned To Hired Cyber ​​Criminals Who Engaged In Extortion And Theft Programs For Their Benefita senior US government official told reporters.

China’s cyber activities pose “a serious threat to the economy and national security” of the United States and its allies, the source said. As he advanced, “an unprecedented group of allies and partners, including the European Union, UK, Australia, Canada, New Zealand and NATO to join US in exposing malicious cyber activity by China’s Ministry of Security”.

The announcements, a move that could have major geopolitical consequences, highlighted the growing virtual threat posed by Chinese government hackers as the U.S. government struggles to curb ransomware attacks by illegal groups in Russia against infrastructure crucial such as a large pipeline.

The American official assured that the United States and its allies “will hold China accountable”, but did not reveal the type of actions they plan to take. Although the indictment does not include sanctions for Beijing, the prominent official who briefed the press said the United States had directly raised the issue with Chinese authorities and the White House believed that the Public signals from various countries sent a relevant message.

Meanwhile, the US Department of Justice on Monday announced the presentation of charges against four Chinese citizens that, according to prosecutors, they collaborated with the State Security Department in a hacking campaign targeting dozens of computer systems, including businesses, universities and government entities.

The fact that hackers associated with the Department of State Security carried out a ransomware attack is surprising and disturbing for the US government, the official noted. But the attack on Microsoft, in which a large dollar ransom was demanded from an American company, also gave authorities more information about “the kind of aggressive behavior that we have seen from China. “.

The The European Union also indicted China for what it described as malicious virtual activities with “significant effects” against government institutions and political organizations in the EU and its 27 member states., as well as against important European industries.

The attack “was carried out from within Chinese territory for the purpose of espionage and theft of intellectual property,” EU foreign policy chief Josep Borrell said in a statement.

Most of the major and most damaging ransomware attacks have involved Russian criminal gangs. Although the United States has at times identified links between Russian intelligence agencies and hackers, the use of cybercriminals as Chinese government contractors “to conduct unauthorized operations is striking,” the Minister said. responsible.

The attack on Microsoft Exchange was identified in January and was quickly attributed to Chinese cyber spies via private groups.. A government official said it was never attributed to hackers affiliated with China’s State Security Ministry in part due to the ransomware discovery and for-profit operations, and because the government wanted to accompany the announcement with recommendations to companies on tactics used in Chinese attacks.

As the Wall Street Journal reported in March, the cyberattack may have affected some 250,000 computer systems around the world. The European Banking Authority, the Norwegian Parliament and the Chilean Financial Markets Commission were also victims of the attack.

Ransomware or blackmail attacks, which involve blocking data on victims’ servers and then demanding money to restore access, are on the rise and have been hit by large US companies recently, though. that mainly due to a part of pirates linked to Russia.

A statement Monday from the FBI, the National Security Agency and the Cybersecurity and Infrastructure Security Agency detailed specific techniques and means by which businesses and government agencies can protect themselves

The White House also wanted to assemble an international coalition of allies to distinguish China, according to the official, who said that it was the first time that NATO condemned Beijing’s hacking operations.

A spokesperson for the Chinese Foreign Ministry who has been asked in the past about the attack on Microsoft Exchange said that China “strongly opposes and combats cyber attacks and cyber theft in all its forms” and warned that attribution of cyber attacks should be based on evidence and not on “baseless accusations”.

Last week, Washington offered rewards of up to $ 10 million for information on the identity of foreign hackers in the hope of stopping ransomware attacks.

US experts believe many of them are from Russia, although the degree of government involvement is debated.

(With information from AP, EFE and AFP)

KEEP READING: