The United States on Monday accused Beijing of carrying out a massive hack of Microsoft and charged four Chinese nationals as it rallied allies in rare joint condemnation of "malicious" cyber activity from China.
In comments likely to further strain worsening relations between Washington and Beijing, U.S. Secretary of State Antony Blinken said that the March hack of Microsoft Exchange, the widely used email server, was part of a "pattern of irresponsible, disruptive and destabilizing behavior in cyberspace, which poses a major threat to our economic and national security."
China's Ministry of State Security, or MSS, "has fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain," Blinken said in a statement.
In a simultaneous announcement, the U.S. Department of Justice said four Chinese nationals had been charged with hacking the computers of dozens of companies, universities and government bodies in the United States and abroad between 2011 and 2018.
Pointing to the indictment, Blinken said the United States "will impose consequences on (Chinese) malicious cyber actors for their irresponsible behavior in cyberspace."
President Joe Biden told reporters the United States was still completing an investigation before taking any countermeasures and drew parallels with the murky but prolific cybercrime attributed by Western officials to Russia.
"The Chinese government, not unlike the Russian government, is not doing this themselves, but are protecting those who are doing it, and maybe even accommodating them being able to do it," Biden told reporters.
Biden, like his predecessor Donald Trump, has ramped up pressure on China, seeing the rising Asian power's increasingly assertive moves at home and abroad as the main long-term threat to the United States.
In a step that the Biden administration hailed as unprecedented, the United States coordinated its statement Monday with allies -- the European Union, Britain, Australia, Canada, New Zealand, Japan and NATO.
"The cyberattack on Microsoft Exchange Server by Chinese state-backed groups was a reckless but familiar pattern of behavior," British Foreign Secretary Dominic Raab said.
NATO issued a statement condemning malicious cyber activity and offering "solidarity" over the Microsoft hacking without directly assigning blame, while noting that allies United States, Britain and Canada found China to be responsible.
A US official said it was the first time that NATO -- the Western military alliance whose members include Hungary and Turkey, which have comparatively cordial relations with Beijing -- has condemned cyber activity from China.
It follows a summit last month in which NATO took up China, part of what Biden says is a more collaborative, alliance-driven strategy to face Beijing after Trump's predilection for harsh rhetoric.
The EU said the Microsoft hacking was "undertaken in contradiction with the norms of responsible state behavior."
The bloc also stopped short of directly blaming the Chinese government but called on Beijing to "take all appropriate measures" to clamp down.
Frank Cilluffo, director of Auburn University's McCrary Institute for Cyber and Critical Infrastructure Security, praised the "breadth and depth of international cooperation" in clearly attributing responsibility to China.
"In addition to the indictments, we need to follow through to ensure there are consequences to induce changes in the Chinese government's behavior and hopefully move toward leveling the cyber playing field," he said.
The Microsoft hack, which exploited flaws in the Microsoft Exchange service, affected at least 30,000 US organizations including local governments as well as organizations worldwide.
"Responsible states do not indiscriminately compromise global network security nor knowingly harbor cyber criminals -- let alone sponsor or collaborate with them," Blinken said in his statement.
"These contract hackers cost governments and businesses billions of dollars in stolen intellectual property, ransom payments, and cybersecurity mitigation efforts, all while the MSS had them on its payroll."
Accusations of cyberattacks against the United States have recently focused on Russia, rather than China.
US officials say that many of the attacks originate in Russia, although they have debated to what extent there is state involvement. Russia denies responsibility.
This year has seen a slew of prominent ransomware strikes that have disrupted a major U.S. pipeline, a meat processor and the software firm Kaseya, which affected 1,500 businesses.
Last week, Washington offered $10 million for information about foreign online extortionists.
© 2021 AFP
40 Comments
Burning Bush
These vague and murky accusations of hacking are just like those of terrorism.
No actual hard evidence, just unverifiable claims, which serve the interests of the military industrial complex war mongers.
P. Smith
Love it. You think the government should publish the evidence before the investigation is over. That’s a great idea. Let the perpetrators know how to improve their operations.
SuperLib
A coalition. That's how you do it.
Mark
I am sure that the U.S. is doing its share of hacking too. NO super power these days can become one without spying.
bass4funk
China is just going buck wild on this administration, relentless, emboldened and this is another reason why I never bothered with Windows.
Jsapc
The March 2021 hacking of Windows Exchange is the reason you never used Windows...for the plus 30 years it exists?
bass4funk
Macs only for me.
Jsapc
I personally don't support Apple because their products are made by Chinese sweatshop workers, but to each his own values I guess.
The Avenger
I support minimum standards for all business/private entities. It's those old advertising security holes that have brought us to where we are today. All software should be forced to meet minimum standards or not be usable on computers and especially phones & tablets.
This is a huge undertaking but it has to happen.
dagon
NATO issued a statement condemning malicious cyber activity and offering of "solidarity" over the Microsoft hacking without directly assigning blame, while noting that allies United States, Britain and Canada found China to be responsible.
A US official said it was the first time that NATO -- the Western military alliance whose members include Hungary and Turkey, which have comparatively cordial relations with Beijing -- has condemned cyber activity from China.
It follows a summit last month in which NATO took up China, part of what Biden says is a more collaborative, alliance-driven strategy to face Beijing after Trump's predilection for harsh rhetoric.
File this under things that would not have happened under a Trump Administration.
bass4funk
I feel you on that one, but since the liberal big tech Oligarchs sold us out to the Chinese we can’t be in the dark, as much as I hate taking some things from that nation, there’s no choice unless these tech fools stop outsourcing to the Chinese, hire qualified Americans and get rid of the H-1B student visas but at least Macs are more secure, I am grateful to Jobs and Cook for that. Gates should have taken a page from these men.
zichi
No Apple product is made by Chinese sweatshops. Apple investigates all claims. Most computers and smartphones are made in China. Apple has started to move production to India and Brazil. The total divorce from China is difficult and will take time. China has the greatest deposit of rare earth minerals needed in every device.
Jsapc
What?
...what?
You are aware Macs are also regularly hacked too, right? They're less targeted because they're less used overall, but they are pretty much just as vulnerable as Windows. One of their biggest hacks happened last April.
You mean he should have shamelessly stolen ideas from other companies and then sold them as their own with a 200% price markup for absolutely no reason?
William Bjornson
It would be interesting if we could get reports from China or Russia regarding American hacking of THEIR systems but that is very unlikely in the controlled Western Press. It's ALWAYS the other guy with us. We, The Worthy, would never stoop to trying to cripple competitors' systems or, perhaps, we can't. That would be even more reason to suppress our own attempts. Neither Russia nor China, to my knowledge, have sold out their people by 'privatizing' strategic assets, handing them to people who divert what would be spent on security into profits. When the U.S. southeastern pipeline was disabled, the buck should have fallen squarely on the corporation responsible for the pipeline and its apparently transparent security rather than a lot of hand wringing and whining about "THEM" doing to us (so easily). And in our current world, if it came out that the hacking was done by another American group or an ally trying to tank the stock of the pipeline company for a hostile takeover, who, if they are paying attention to details, would actually be surprised?
StevieJ
You think Macs are secure? Oh you sweet summer child.
William Bjornson
If you use any Microsoft services, it was very clear yesterday that things were not working well, that is, if you could connect at all. They bumbled through but today also there are delays and eternal pauses in the service.
And, just saying in response to "...and get rid of the H-1B visas..." American conservatives have so trashed the American educational system that America NEEDS to steal talent from wherever it can and China has a very fine commitment to STEM whereas America has an equally strong commitment to football. After the American 'troubles' of the 1960's, all of the conservative think tanks (for e.g. see Cato) unanimously agreed that Americans were over-educated and their expectations too high and set about dumbing down our schools, cutting funds to education (for e.g. see: DeVos), and generally helping to disable American leadership in the world for their own benefit and no competent native oversight. 26 Trillion dollars in debt is the result. My guess would be that, at this time, relatively more patents for American companies come out of H-1B workers and researchers than their American counterparts. I'm an American and I KNOW our history and this destruction of the American educational system is just a small, but significant, part of what is tearing America apart.
Joe Blow
Foxconn makes products for many companies, not just Apple. Let's put this myth to bed.
Foxconn Major customers:
The following list consists of Foxconn's present or past major customers. The list is provided in alphabetical order.
Their country of origin or base of operations is in parentheses.
Acer Inc. (Taiwan)[89]
Amazon.com (United States)[10]
Apple Inc. (United States)[90]
BlackBerry Ltd. (Canada)[91]
Cisco (United States)[92]
Dell (United States)[93]
Fisker Inc (United States) [94]
Google (United States)[95]
Hewlett-Packard (United States)[96]
Huawei (China)[97]
InFocus (United States)
Intel (United States)
Lenovo (China)
Microsoft Corp. (United States)[98][99]
Motorola Mobility (United States)[93]
Nintendo (Japan)[100]
HMD Global (Under Nokia Brand) (Finland)[90][101]
Sega (Japan)
Sony (Japan)[102]
Toshiba (Japan)[103]
Vizio (United States)[104]
Xiaomi (China)[105]
https://en.wikipedia.org/wiki/Foxconn#Major_customers
zichi
This year I have finally given up on Windows after it was deleted from my PC for a reason I don't know. Sometimes it happens. Over 26 years of Windows, so many problems, so much time fixing it.
My Macs have never given me any problems during the same time span.
Wasn't it Trump who stopped the H-1B workers?
Desert Tortoise
There are American made computers and laptops. They tend to be high end gaming computers with very fast processors and the highest quality displays but they are out there. If you speak to the people at Velocity Micro they will tell you the only two components in their computers from China are the outer case and battery. The rest of the components come from Taiwan or the US and they are assembled in Virginia. I'm buying one and having it set up as a Linux only machine. They will do that. The machine will never in its life have any software from Macroshaft or Apple. Surprisingly some Lenovo models are assembled in the US.
Digital Storm and Falcon Northwest are two other US computer manufacturers. Check out Falcon Northwest's DRX "laptop". DRX apparently stands for Desktop Replacement Extreme. Every Falcon Northwest computer is custom built to the buyer's specifications. Still cheaper than an iMac Pro.
There are alternatives to buying from China so shop carefully everyone.
Matej
yes all just talk for some kind of "image".
no evidences no proofs.
Iraq, Afghanistan, Libya, Syria, "russian threats", novichok stories for kids, now "hacking" of Microsoft... all same fashion "verified news"... aka fake news/propaganda.
booooring Joe...you are sooooo booooring.....
bass4funk
Not even remotely close to the level Windows are. There is a reason why Apple is the largest private PC company in the world and why people are switching.
And made it even better, sure. Jobs was smart, Gates wasn’t in the end, the nature of the corporate competitive beast.
Desert Tortoise
For those who doubt the veracity of the claims about China's hacking, you can read open source descriptions of Chinese hacking by private IT security firms like FireEye and others. Here is a detailed description of the recent Kaseya ransomware hack.
https://www.zscaler.com/blogs/security-research/kaseya-supply-chain-ransomware-attack-technical-analysis-revil-payload
Here is a more general description of the many Advanced Persistent Threats by FireEye.
https://www.fireeye.com/current-threats/apt-groups.html
Hacks leave a trail behind them. Often firms like FireEye will penetrate the hacking cells themselves and record their keystrokes as they hack. Read this older description of APT1 based in Shanghai. It is a good read albeit very long but it explains in great detail how the Chinese infiltrate firms' IT systems and steal their IP.
https://www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf
Mandiant became FireEye. They were even able to identify individuals in the unit.
Jsapc
Of course. But you can hardly expect Acer, for example, a Taiwanese company, to build their products anywhere else than China. You can, on the other hand, criticize Apple with its cooler-than-thou image for using sweatshops. And not to make their products cheaper, but only to maximize their already gigantic profits. Disgusting capitalistic behaviour is a scale, and Apple is one of the heaviest offenders.
zichi
Windows are a target because there are many more users than Mac OS. Too many companies, health services, people still using ancient versions of Windows.
Microsoft is a software company. Apple is a hardware company.
Most of the people on this site don't live in America, including many of the Americans.
Desert Tortoise
As iPads and iPhones became popular, malware to attack them became abundant. They are no more secure than Macroshaft. That old line about Macs being secure comes from a time when Macs were so few and far between hackers ignored them. That is emphatically not true today. Today even Linux has threats and the threats to Apple OS are of the same scale as the threats to Macroshaft.
SuperLib
There's a difference here.
Government to government hacking for secrets is done all the time, for example when Russia hacked US government and other worldwide governments in what's the biggest hack in history last year, all under Trump, whose response was to stick his thumb up his rear and ask what was wrong with having good relations with Russia.
Or when Obama and Israel teamed up to go after Iran's nuclear program with Stuxnet, started under Bush.
That's one side.
The other is industrial espionage or just straight up theft from private businesses. That's usually done by criminal hacking organizations for profit, which is what the recent hacks have been. With these it's hard to see if there is a direct link between the hackers and government. Attacks originate from Russia and China, but establishing government involvement becomes murky.
Did Putin gain by hacking Colonial Pipeline? That's what's hard to tell. We know it originated from Russia but linking it to their government is really, really difficult, and that's why you see statements like this in the article above:
"The bloc also stopped short of directly blaming the Chinese government but called on Beijing to "take all appropriate measures" to clamp down."
Why? Because they don't have the evidence that the hackers are working with the Chinese government. In that situation it's hard to hold the government responsible for the actions of criminals in their country. With Russia, Biden made it clear that if the US hands over intelligence showing Russian individuals are responsible, he expects Putin to act, even if Putin isn't behind it. That's the direction we are moving towards with both countries.
So when you hear someone say, "The US hacks all the time" don't think it's all the same. Biden isn't working with US criminals to shut down a Chinese trucking company to get his cut of a $20 million payday. I'm sure he is actively trying to hack Russian and Chinese government assets, tho.
The good news is that we have a leader in the White House who is taking action by building a worldwide coalition rather than crapping on the heads of our allies and going it alone. Now the US has much more leverage with a united front.
zichi
About the security content of iOS 14.4 and iPadOS 14.4
https://support.apple.com/en-us/HT212146
Apple is very quick to take action, usually.
Never had any problems with my iPad over 10 years nor my iPhones.
Desert Tortoise
What makes you think they know they are being hacked?
The west spies on their adversaries' militaries and diplomats. Western governments don't steal commercial IP and hand it to their own companies in the manner of China, nor do they engage in ransomware attacks. Western internet spying is basically an on-line version of what spies have done for centuries trying to learn their adversaries' secrets, how their weapons work, their level of tech, their war plans and the intentions of their leadership. Those are legitimate objects of espionage. Western intelligence organizations do not wholesale steal the IP of private firms and give this to private firms in their country to avoid having to do the hard work of developing the tech themselves. That is a whole different level of commercial theft no different than if Chinese spies broke into corporate offices and stole the material that way.
FizzBit
So do you think the NSA is still hacking the German Chancellery?
Asking for a friend.
Slayer
Apple rocks, Microsoft blows, everybody that doesn't think my way is delusional and stubborn. HA!
knightsofraiden
There's always Ubuntu or Kali Linux.
zichi
Most servers run Linux which have also been hacked.
knightsofraiden
yes, I know.
M3M3M3
And how exactly do you know this? Or are you just making assumptions? The US receives enormous intelligence advantages by having the world's leading tech companies and platforms based in Silicon Valley. Why wouldn't they protect the dominance of key companies as a matter of national security? They would be foolish not to.
It's naive to imagine that western governments aren't also engaged in industrial espionage. The western companies who benefit from industrial espionage may not even be aware that they are beneficiaries. All they see is that some of this year's new H1B recruits have extraordinarily innovative ideas.
quercetum
Yes, but you still have to tie the trail to the agent.
drlucifer
Like private IT security firms cannot be in bed with non-private or government organs. Nobody can be trusted, everybody is fighting for influence, for the unsuspecting minds. We are in an age that one cannot even trust their siblings.
venze
Nothing new, no surprise.
US has made China a convenient blame target for every damn thing. They get unnecessarily agitated and frustrated without making an allegation against Beijing each single day..
What to say?..
Septim Dynasty
Not US-related, my colleague had a relative who worked in NEC as the senior administrator in the IT field. The security incompetence inside the NEC is astounding as all hardware and software are largely outdated. Security breaches happen so regularly every day that the NEC cybersecurity teams, mostly Vietnamese and Indian, simply give up due to the underfunding and endless meetings with the oyajis who don't make any decision! Who knows how much data was stolen from NEC by Chinese, Russian, and other global hackers daily?
Meanwhile, Japan wants to join the Five Eyes, then the country will be a treasure trove for the global hackers.
William Bjornson
How adorable... About 30 years ago I might have answered similarly but much experience, revelation, and observing obvious behavior has burnt that faith in MY SIDE completely out of me. I suspect the average Chinese person would deny their country's behavior as would the average Russian in much the same words, and they would believe it too. But, fact is, we're all the same and are all programmed with the same US versus THEM mentalities implanted into us in our developmental milieus. A Sox fan has no good word to say about a Yankee nor a Yankee fan about the Sox (white). Competitors rarely have complimentary things to say about each other but the real trap is buying into your side's lies, and we ALL do in one way or another. But, I can tell you, if you adopt as your most basic 'identity' Human, rather than some strident nationalism, things will begin to look different to you fairly soon.
Spartan J
Due to it politicising everything, for its own agendas, by the usual player, and based on historical precedents.
I take everything coming out from there, with a pinch of salt, perhaps, some politicians will be wise to do the same??