World

Biden administration accuses hackers detained in China in Microsoft’s cyberattack

The Washington-Biden administration publicly accused hackers of China’s major intelligence agencies on Monday. Extensive cyber attacks This year’s Microsoft Corp. Government officials said Beijing’s email software was part of a global effort to condemn Beijing’s malicious cyber activities.

In addition, four Chinese, including three intelligence officers, were charged with separate hacking activities.

The U.S. government is “highly confident” that hackers belonging to the Department of Homeland Security (MSS) have carried out an unusually indiscriminate hack of Microsoft Exchange Server software that appeared in March, officials said. ..

“The United States and countries around the world hold the People’s Republic of China (PRC) responsible for patterns of irresponsible, destructive and volatile behavior in cyberspace, which is our economic and national security. “It poses a great threat to the United States,” said the Secretary of State. Antony Blinken said. “We have fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain,” he added.

The United Kingdom and the European Union have joined the attribution of hacking activities. This has made most of the estimated hundreds of thousands of small businesses and organizations vulnerable to cyber intrusion.

U.S.-led announcements are the most important action from the Biden administration to date on China’s long-standing cyberattack campaign against the U.S. government and U.S. companies, often with routine nation-state espionage and naval technology and coronaviruses. Accompanied by the theft of valuable intellectual property such as-vaccine data.

The Justice Department issued a grand jury indictment on Monday in May, with the aim of working with the State Security Department to benefit Chinese businesses and the commercial sector by stealing intellectual property. Business information that has charged four Chinese citizens and residents for engaging in a jury campaign. The indictment did not appear to be directly related to the Microsoft Exchange Server breach, but hackers benefited the Chinese government and Chinese companies by stealing information about Ebola virus research and other topics from businesses and universities. I blamed him.

Attributing Microsoft’s hack to China is part of a broader global condemnation of Beijing’s cyberattacks by the United States, the European Union, the United Kingdom, Canada, Australia, New Zealand, Japan and the North Atlantic Treaty Organization (NATO). Will be. Officials say they would accuse MSS of using criminal contractors to “perform globally unlicensed cyber operations, including personal gain,” such as cyber-responsive blackmail and theft. Stated.

“”
“The failure of sanctions on Chinese officials was one of the most prolific and mysterious failures of transcendental Chinese policy.”


— Dmitri Alperovitch, Silverado Policy Accelerator

US officials have accused China of widespread hacking targeting US businesses and government agencies. China has historically denied that claim. A spokesman for the Chinese Embassy in Washington did not immediately respond to a request for comment.

The Exchange Server hack was disclosed by Microsoft in March, along with a software patch to fix a bug being exploited in the attack.Microsoft at the time identified the culprit As a Chinese cyber espionage group A state tie called Hafnium, an assessment supported by other cybersecurity researchers. The Biden administration has so far not offered attribution, basically agreeing with the conclusions of the private sector and providing more detailed identification.

Attacks on Exchange Server systems began slowly and secretly in early January by hackers targeting infectious disease researchers, law firms, and universities in the past, according to cybersecurity officials and analysts. However, as other China-linked hacking groups were involved and Microsoft worked to send software patches to customers in early March, the tempo of operations as it infects thousands of servers. Seemed to be stronger.

Also on Monday, the National Security Agency, the Federal Bureau of Investigation, the Cyber ​​Security and Infrastructure Security Agency jointly announced technical details of more than 50 tactics and technologies preferred by hackers related to the Chinese government, officials said. Stated. Releases of such lists are common when the United States publishes or highlights malicious hacking campaigns and aims to help businesses and critical infrastructure operators better protect their computer systems. It is said.

Cybersecurity experts have been putting pressure on the Biden administration for months to address China’s alleged involvement in Microsoft’s email hacking. Cybersecurity expert Dmitri Alperovitch, along with the Silverado Policy Accelerator think tank, said the collaborative global condemnation of China was welcomed and postponed.

“The hacking of Microsoft Exchange by MSS contractors is the most reckless cyber operation ever seen by Chinese officials and is far more dangerous than Russia.

SolarWinds

“Hacking,” said Alperovich. Extensive Cyber ​​Spy Campaign Detected last December, along with other alleged activities A series of disciplinary measures Against Moscow.

Alperovich criticized China for not imposing sanctions and questioned why Beijing appears to be avoiding stricter penalties, especially when compared to those slapped by Russia. Stated.

“The failure of sanctions on Chinese-related parties was one of the most prolific and mysterious failures of trans-government Chinese policy,” Alperovich said of the People’s Republic of China. Monday’s public shame without further punishment “looks like a double standard compared to acting against Russian actors. We treat China with children’s gloves.”

High-ranking government officials said the Biden administration has no single action that could change the malicious cyber behavior of the Chinese government, but is focused on bringing the country together in a unified position against Beijing. He said he was aware. Officials said the list of countries blaming China on Monday was “unprecedented” and this was the first time NATO itself did so specifically.

“We have announced that we will continue to take action to protect Americans from malicious cyber activities, regardless of who is responsible,” officials said. “And we do not intend to rule out further actions to make China accountable.”

Microsoft hack

Editor-selected WSJ coverage of Exchange Server cyberattacks.

According to the new indictment, members of a local branch of a Chinese intelligence agency in southern Hainan set up a front company, calling itself an information security company, hacking the United States, Austria, Cambodia and dozens of other victims. Instructed the employee. Country.

Defendants (three of whom are called intelligence officers) have not been detained in the United States. Some cybersecurity experts say that prosecution against foreign state-sponsored hackers has little effect, as defendants are rarely brought to court in the United States. US officials said they would defend this practice and help convince the Allied government, the private sector, and others about the scope of the problem.

The group has dozens of schools, businesses and government agencies around the world, from research facilities in California and Florida focused on viral treatment and vaccines to the University of Pennsylvania, a Swiss chemical company that manufactures marine paints. It has been accused of being hacked. Robotics Program and National Institutes of Health and two Saudi government ministries. Companies and universities are not named in the indictment.

According to the indictment, the hacker used fake spear phishing emails to store the stolen data on GitHub. They said they coordinated with a professor at a Chinese university, including identifying and hiring hackers for the campaign. According to the indictment, allegations of NIH violations date back to August 2013.

Write to Dustin Voltz dustin.volz@wsj.com And Aruna Viswanatha Aruna.Viswanatha@wsj.com

Copyright © 2021 DowJones & Company, Inc. all rights reserved. 87990cbe856818d5eddac44c7b1cdeb8

Biden administration accuses hackers detained in China in Microsoft’s cyberattack

Source link Biden administration accuses hackers detained in China in Microsoft’s cyberattack

Back to top button