Microsoft Exchange Hack Caused By China, US, Allies Say



[ad_1]

WASHINGTON (AP) – The Biden administration and its Western allies officially blamed China on Monday for a massive hacking of Microsoft Exchange mail server software and accused Beijing of working with criminal hackers in ransomware attacks and other cyber operations.

The announcements, while not accompanied by sanctions against the Chinese government, were intended to strongly condemn activities that a senior administration official Biden described as part of a “pattern of irresponsible behavior in cyberspace.” They highlighted the continued threat of Chinese government hackers, even as the administration continues to try to curb ransomware attacks by Russia-based unions that have targeted critical infrastructure.

Beijing’s wide array of cyber threats disclosed Monday included ransomware attacks of government-affiliated hackers who have targeted victims – including in the United States – with demands of millions of dollars. U.S. officials allege that China’s State Security Ministry used criminal hackers who engaged in cyberextortion and theft schemes for their own benefit, officials said.

Meanwhile, the Justice Department on Monday announced charges against four Chinese nationals who prosecutors said were working with the State Security Department in a hacking campaign targeting dozens of computer systems, including businesses, universities and government entities. The defendants are accused of stealing trade secrets and confidential business information.

Unlike April, when the public singled out Russian piracy was associated with a series of sanctions against Moscow, the Biden administration has not announced any action against Beijing. Nonetheless, a senior administration official who briefed reporters said the United States had clashed with senior Chinese officials and the White House viewed the multinational public humiliation as an important message.

The European Union and Britain also called on China. The EU said malicious cyber activities with “significant effects” targeting government institutions, political organizations and key industries in the bloc’s 27 member states could be linked to Chinese hacking groups. The UK’s National Cyber ​​Security Center said the groups were targeting maritime industries and naval defense contractors in the US, Europe and the Finnish parliament.

In a statement, EU foreign policy chief Josep Borrell said the hacking was “carried out from inside China for the purpose of intellectual property theft and espionage.”

The Microsoft Exchange cyber attack “by Chinese state-backed groups was reckless but familiar behavior,” British Foreign Minister Dominic Raab said.

NATO, in its first public condemnation of China for hacking activities, called on Beijing to respect its international commitments and obligations “and to act responsibly in the international system, including in cyberspace”. The alliance said it was determined to “deter, defend and actively counter the full spectrum of cyber threats.”

The fact that hackers affiliated with the Department of State Security engaged in ransomware was surprising and of concern to the U.S. government, the senior administration official said. But the attack, in which an unidentified U.S. company received a large ransom demand, also gave U.S. officials new insight into what the official said was “the kind of aggressive behavior that we see it coming from China ”.

The majority of recent, most damaging and high-profile ransomware attacks have involved Russian criminal gangs. Although the United States has sometimes seen links between Russian intelligence agencies and individual hackers, the Chinese government’s use of criminal hackers “to conduct unauthorized cyber operations around the world is distinct,” said the manager.

The Microsoft Exchange hack that months ago compromised tens of thousands of computers around the world was quickly blamed on Chinese cyber spies. by private sector groups. An administration official said the government’s attribution to hackers affiliated with China’s State Security Ministry has so far been in part due to ransomware discovery and for-profit hacking operations and because the administration wanted to combine the announcement with advice for businesses on the tactics the Chinese used.

A notice released Monday by the FBI, National Security Agency, and Cybersecurity and Infrastructure Security Agency outlined specific techniques and means that government agencies and businesses can protect themselves from.

A spokesperson for the Chinese Embassy in Washington did not immediately return an email requesting comment on Monday. But a spokesperson for the Chinese Foreign Ministry previously deflected responsibility for the Microsoft Exchange hack, saying China “strongly opposes and fights cyberattacks and cyber theft in all its forms” and warned that the attribution Cyber ​​attacks should be based on evidence and not on “baseless accusations.” “

___

Kelvin Chan in London contributed to this report.

___

Follow Eric Tucker on Twitter at http://www.twitter.com/etuckerAP.



[ad_2]

Source link