[ad_1]
The US, UK and their allies have officially attributed the Microsoft Exchange hack to actors affiliated with the Chinese government, and other countries are joining the assessment, stepping up last week’s tensions between the White House and China.
The United States and a group of allies said on Monday that the Chinese government was the mastermind behind a series of malicious ransomware, data theft and cyber-espionage attacks against public and private entities, including hacking sprawling Microsoft Exchange earlier this year.
“The Chinese government must put an end to this systematic cyber sabotage and can be expected to be held responsible if it does not do so,” British Foreign Minister Dominic Raab said in a statement on Monday.
European Union foreign policy chief Josep Borrell said the cyber attack was carried out from China and “resulted in significant security risks and economic losses for our government institutions and private businesses.” Activities related to Advanced Persistent Threat 40 and Advanced Persistent Threat 31 hacker groups, EU statement says statement Monday.
The group of countries attributing the attack to China will also include Australia, Canada, New Zealand, Japan and NATO, marking the first condemnation by the North American-European alliance of China’s cyber activities. a senior official in the Biden administration said.
Monday’s announcement will add to the array of issues the United States and China disagree with, including economic, military and political issues. These tensions escalated last week when the administration warned investors about the risks of doing business in Hong Kong with a notice saying that pressure from China to exert more control over the financial center threatens the rule of law and endangers employees and data.
The United States has also indicted four Chinese nationals affiliated with the Department of State Security for a campaign to hack the computer systems of dozens of companies, universities and government entities in the United States and abroad. between 2011 and 2018. The indictment was released on Monday.
President Joe Biden has called competition with China one of the defining challenges of the century. Chinese leaders were taken aback by the administration’s decision to leave the tariffs imposed by former President Donald Trump in place, and were enraged by its support for reopening a review of how the Covid pandemic -19 started – and if she leaked from a lab in Wuhan.
With Monday’s report, the evidence presented should show how China’s State Security Ministry is using criminal hackers to conduct unauthorized cyber operations around the world, including for its own personal benefit, the official said.
China’s Foreign Ministry did not immediately respond to an after-hours request for comment. In March, the ministry dismissed allegations that China-based hackers were behind cyber attacks on Microsoft Exchange servers, accusing the company of making “baseless accusations” and saying that the search for the source of the cyber attacks is a ” very sensitive political issue “. China has long insisted that it is not an author but a victim of cyberattacks.
50 tactics
As part of the announcement, the National Security Agency, CISA, and the Federal Bureau of Investigation will outline more than 50 tactics used by Chinese state-sponsored cyber hackers to target US and allied networks, as well as advice and technical mitigation measures to deal with the threats, the official added. .
Among the threats is state-sponsored cyber extortion, also known as ransomware attacks, in which the Chinese government demanded millions of dollars from private companies in exchange for digital keys allowing victims to trace access to their computer networks, the official said.
Microsoft Corp. previously attributed the piracy to Chinese players, the software giant called Hafnium. The US assessment appears to corroborate Microsoft’s findings, attributing the hack to MSS-affiliated actors with “great confidence,” the official said.
The attack on Microsoft’s Exchange mail servers exploded for two weeks between late February and early March. Microsoft first released software patches on March 2 to address critical vulnerabilities exploited in the hack. The attack exposed tens of thousands of victims’ email systems, including those from healthcare facilities, manufacturers, energy companies, and state and local governments.
Until now, most ransomware attacks have been attributed to carriers in Eastern Europe and North Korea. Now the United States is accusing the Chinese government not only of conducting malicious cyber operations, but also of hiring mercenaries, the official said. The allegation accuses China of not only sponsoring espionage, but also supporting and possibly endorsing the work of cybercriminals carrying out these attacks.
Due to the spread of casualties around the world, the official attribution only came after the United States reached a high level of confidence in the source of the hack and made the announcement in concert with its partners. allies, added the official.
– With the help of Kitty Donaldson and Lucille Liu
[ad_2]
Source link