The United States and major allies and partners on Monday blamed the People’s Republic of China (PRC) for a hack of Microsoft Exchange email server software that compromised tens of thousands of computers around the world earlier this year.
“Today, the United States and our allies and partners are exposing further details of the PRC’s pattern of malicious cyber activity and taking further action to counter it, as it poses a major threat to U.S. and allies’ economic and national security,” the White House said in a statement published on Monday.
An unprecedented group of allies and partners – including the European Union, the United Kingdom, and NATO – are joining the United States in exposing and criticizing the PRC’s malicious cyber activities, the White House continued.
The U.S., joined by major global allies Australia, Canada, Japan, the United Kingdom, New Zealand and the European Union, on Monday publically called out the Chinese government (PRC) for the behavior. Their intention is to signal to China that its cyber activities will prompt countries around the world to unite to protect their networks.
In coordination with our allies, the Biden administration is exposing the PRC’s use of criminal contract hackers to conduct unsanctioned cyber operations globally, including for their own personal profit, the White House said.
According to the White House statement, “As detailed in public charging documents unsealed in October 2018 and July and September 2020, hackers with a history of working for the PRC Ministry of State Security (MSS) have engaged in ransomware attacks, cyber-enabled extortion, crypto-jacking, and rank theft from victims around the world, all for financial gain.“
“In some cases, we are aware that PRC government-affiliated cyber operators have conducted ransomware operations against private companies that have included ransom demands of millions of dollars,” the statement read.
“The US Department of Justice is announcing criminal charges against four MSS hackers addressing activities concerning a multiyear campaign targeting foreign governments and entities in key sectors, including maritime, aviation, defense, education, and healthcare in a least a dozen countries, said the White House statement.”
“DOJ documents outline how MSS hackers pursued the theft of Ebola virus vaccine research and demonstrate that the PRC’s theft of intellectual property, trade secrets, and confidential business information extends to critical public health information.”
“Before Microsoft released its security updates, MSS-affiliated cyber operators exploited these vulnerabilities to compromise tens of thousands of computers and networks worldwide in a massive operation that resulted in significant remediation costs for its mostly private sector victims,” the White House continued.
The White House said, “We have raised our concerns about both this incident and the PRC’s broader malicious cyber activity with senior PRC Government officials, making clear that the PRC’s actions threaten security, confidence, and stability in cyberspace.”
Read the White House’s full statement here.
The UK government also released a statement on Monday that said ” China’s reckless campaign”.
“The Chinese government has ignored repeated calls to end its reckless campaign, instead allowing its state-backed actors to increase the scale of their attacks and act recklessly when caught,” the UK government claimed in a press release.
“This coordinated action today sees the international community once again urge the Chinese government to take responsibility for its actions and respect the democratic institutions, personal data and commercial interests of those with whom it seeks to partner,” the UK statement continued.
“The UK is calling on China to reaffirm the commitment made to the UK in 2015 and as part of the G20 not to conduct or support cyber-enabled theft of intellectual property of trade secrets.”
The European Union also blamed China and said in a statement Monday – “We have also detected malicious cyber activities with significant effects that targeted government institutions and political organisations in the EU and member states, as well as key European industries. These activities can be linked to the hacker groups known as Advanced Persistent Threat 40 and Advanced Persistent Threat 31 and have been conducted from the territory of China for the purpose of intellectual property theft and espionage.”
“The EU and its member states strongly denounce these malicious cyber activities, which are undertaken in contradiction with the norms of responsible state behaviour as endorsed by all UN member states. We continue to urge the Chinese authorities to adhere to these norms and not allow its territory to be used for malicious cyber activities, and take all appropriate measures and reasonably available and feasible steps to detect, investigate and address the situation, EU said in a statement.
(With inputs from agencies)
A global media for the latest news, entertainment, music fashion, and more.
