US accuses China of hacking Microsoft


WASHINGTON – The Biden administration formally accused the Chinese government on Monday of violating Microsoft messaging systems used by many of the world’s largest companies, governments and military contractors, as the United States joined a large group allies, including all NATO members, to condemn Beijing for cyber attacks around the world.

The United States has for the first time accused China of paying criminal groups to carry out large-scale hacks, including ransomware attacks to extort millions of dollars from companies, according to a White House statement. Microsoft had singled out hackers linked to China’s State Security Ministry for exploiting loopholes in the company’s messaging systems in March; the United States’ announcement on Monday morning was the first suggestion that the Chinese government had hired criminal groups to hack tens of thousands of computers and networks around the world for “significant repair costs for its victims mainly in the industry. private, ”according to the White House.

Secretary of State Antony J. Blinken said in a statement Monday that China’s State Security Ministry “has fostered an ecosystem of criminal hackers who conduct both state-sponsored activities and cybercrime to their own financial gain ”.

“These contracted hackers cost governments and businesses billions of dollars in stolen intellectual property, ransom payments and cybersecurity mitigation efforts, while the MSS had them on its payroll,” said Mr. Blinken.

The condemnation of NATO and the European Union is unusual, as most of their member countries have been deeply reluctant to publicly criticize China, a major trading partner. But even Germany, whose companies have been hit hard by the hack of Microsoft Exchange – email systems that companies maintain themselves, rather than putting them in the cloud – has cited the Chinese government for its work.

“We call on all states, including China, to respect their international commitments and obligations and to act responsibly in the international system, including in cyberspace,” according to a NATO statement.

Despite the mess, the ad lacked sanctions similar to those the White House imposed on Russia in April, when it blamed the country for the massive SolarWinds attack that hit U.S. government agencies and more than 100 companies. (The Justice Department unveiled a May indictment on Friday accusing three Chinese officials of a campaign to hack the computer systems of dozens of businesses, universities and government entities in the United States between 2011 and 2018. Hackers developed shell companies to hide any role the Chinese government had supported the operation, according to the Justice Department.)

By imposing sanctions on Russia and organizing allies to condemn China, the Biden administration has plunged deeper into a digital cold war with its two main geopolitical adversaries than at any time in modern history.

While there is nothing new about digital espionage on Russia and China – and Washington’s efforts to block it – the Biden administration has been surprisingly aggressive in calling out both countries and organizing a coordinated response.

But so far, he has yet to find the right mix of defensive and offensive actions to create effective deterrence, according to most outside experts. And the Russians and the Chinese have become more daring. The SolarWinds attack, one of the most sophisticated ever detected in the United States, was an effort by the main Russian intelligence service to modify the code of widely used network management software to access more than 18,000 businesses, federal agencies and think tanks.

China’s effort was not as sophisticated, but it took advantage of a vulnerability that Microsoft had not discovered and used it to carry out espionage activities and undermine confidence in the security of systems that it did. companies use it for their primary communications. It took months for the Biden administration to develop what officials say is “high confidence” that the hack into Microsoft’s messaging system was done at the behest of the Department of State Security, the Department said. senior administration official, and encouraged by private actors who had been hired by the Chinese secret service.

The last time China was caught in surveillance on such a scale was in 2014, when it stole more than 22 million security clearance files from the Bureau of Personnel Management, allowing for an understanding depth of the lives of Americans who are allowed to retain control of the nation. secrets.

President Biden has vowed to fortify the government, making cybersecurity a goal of his summit meeting in Geneva with Russian President Vladimir V. Putin last month. But her administration was faced with questions about how she would also deal with the growing threat from China, especially after Microsoft’s hack was publicly exposed.

Speaking to reporters on Sunday, the senior administration official admitted that China’s public condemnation would do little to prevent future attacks.

“No action can change China’s behavior in cyberspace,” the official said. “And a single country could not act alone either.”

But the decision not to impose sanctions on China was also revealing: it was a step many allies would not agree to take.

Instead, the Biden administration decided to rally enough allies to join in on China’s public denunciation to maximize pressure on Beijing to reduce cyber attacks, the official said.

The joint statement criticizing China, to be released by the United States, Australia, Britain, Canada, the European Union, Japan and New Zealand, is unusually broad. It is also the first NATO statement to publicly target Beijing for cybercrime.

The European Union condemned Monday the “malicious cyberactivities” undertaken from Chinese territory but did not denounce the responsibility of the Chinese government.

“This irresponsible and harmful behavior has resulted in significant security risks and economic losses for our government institutions and private businesses, and has shown significant fallout and systemic effects for our security, economy and society in general,” Josep Borrell Fontelles, Head of EU Foreign Policy. , said in a statement. “These activities may be linked to hacker groups,” the statement added.

Mr. Borrell called on the Chinese authorities not to allow “the use of its territory” for such activities, and to “take all appropriate measures and measures reasonably available and feasible to detect, investigate and remedy the situation” .

The National Security Agency, the FBI and the Cybersecurity and Infrastructure Security Agency also issued an advisory Monday warning that the Chinese hack posed a “major threat” to the United States and its allies. China’s targets include “political, economic, military and educational institutions, as well as critical infrastructure.”

Government-hired criminal groups aim to steal sensitive data, critical technologies and intellectual property, according to the advisory.

The FBI took an unusual step in hacking Microsoft: in addition to investigating the attacks, the agency obtained a court order allowing it to enter unpatched corporate systems and remove items from code left by Chinese hackers that could allow tracking attacks. . It was the first time the FBI had intervened to remedy an attack and investigate its perpetrators.

Monika pronczuk contributed to reports from Brussels.

Source link


Please enter your comment!
Please enter your name here