US, key allies squarely blame China for recent cyber attacks

representational image (IANS photo)


For the first time, the US and its key allies, including the European Union, the UK and NATO, on Monday accused the Chinese government of hiring cybercriminals on contract and attacking tech giants’ networks and federal agencies in the West.

The US and allies exposed China’s pattern of malicious cyber activities and taking further action to counter it, saying it poses a major threat to the US and allies’ economic and national security.

“The United States is deeply concerned that the PRC (People’s Republic of China) has fostered an intelligence enterprise that includes contract hackers who also conduct unsanctioned cyber operations worldwide, including for their own personal profit,” the White House said in a detailed statement.

“As detailed in public charging documents unsealed in October 2018 and July and September 2020, hackers with a history of working for the PRC Ministry of State Security (MSS) have engaged in ransomware attacks, cyber-enabled extortion, crypto-jacking, and rank theft from victims around the world, all for financial gain,” the US government alleged.

China was yet to reach to the serious allegations.

The US and key allies accused the Chinese government of executing the recent Microsoft Exchange hack that affected more than 30,000 organisations in the US alone.

“In some cases, we are aware that PRC government-affiliated cyber operators have conducted ransomware operations against private companies that have included ransom demands of millions of dollars,” the statement read.

The US Department of Justice announced criminal charges against four MSS hackers addressing activities concerning a multi-year campaign targeting foreign governments and entities in key sectors, including maritime, aviation, defence, education, and healthcare in the least a dozen countries.

The US said with a high degree of confidence that malicious cyber actors affiliated with PRC’s MSS conducted cyber-espionage operations utilising the zero-day vulnerabilities in the Microsoft Exchange Server disclosed in early March this year.

Before Microsoft released its security updates, MSS-affiliated cyber operators exploited these vulnerabilities to compromise tens of thousands of computers and networks worldwide in a massive operation that resulted in significant remediation costs for its mostly private sector victims.

“We have raised our concerns about both this incident and the PRC’s broader malicious cyber activity with senior PRC Government officials, making clear that the PRC’s actions threaten security, confidence, and stability in cyberspace,” the US noted.

“By exposing the PRC’s malicious activity, we are continuing the Administration’s efforts to inform and empower system owners and operators to act. We call on private sector companies to follow the Federal government’s lead and take ambitious measures to augment and align cybersecurity investments with the goal of minimising future incidents,” the statement said.