Washington D.C.: Accusing China’s Ministry of State Security (MSS) of having fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain, the United States today issued a statement holding Beijing accountable for “its pattern of irresponsible, disruptive, and destabilizing behavior in cyberspace, which poses a major threat to our economic and national security”.
US Secretary of State Antony J. Blinken, in the statement, said the United States government, alongside its allies and partners, “has formally confirmed that cyber actors affiliated with the MSS exploited vulnerabilities in Microsoft Exchange Server in a massive cyber espionage operation that indiscriminately compromised thousands of computers and networks, mostly belonging to private sector victims”.
Referring to the indictment of three MSS officers and one of their contract hackers unsealed by the Department of Justice today, Blinken said following the evidence, the United States will impose consequences on People’s Republic of China’s malicious cyber actors for their irresponsible behaviour in cyberspace.
“Apart from the PRC’s direct commitments not to engage in cyber-enabled theft of intellectual property for commercial gain, the international community has laid out clear expectations and guidelines for what constitutes responsible behavior in cyberspace. Responsible states do not indiscriminately compromise global network security nor knowingly harbor cyber criminals – let alone sponsor or collaborate with them. These contract hackers cost governments and businesses billions of dollars in stolen intellectual property, ransom payments, and cybersecurity mitigation efforts, all while the MSS had them on its payroll,” the statement said.
Earlier the White House state today that the US had raised its concerns about both the Microsoft incident and the PRC’s broader malicious cyber activity with senior PRC government officials, making clear that the PRC’s actions threaten security, confidence, and stability in cyberspace. “The U.S. and our allies and partners are not ruling out further actions to hold the PRC accountable,” it asserted.
The White House stated that the Chinese operations included criminal activities, such as cyber-enabled extortion, crypto-jacking, and theft from victims around the world for financial gain. “In some cases, we’re aware of reports that PRC government-affiliated cyber operators have conducted ransomware operations against private companies that have included ransom demands of millions of dollars,” it said. It further stated that the US National Security Agency, Cybersecurity and Infrastructure Security Agency, and Federal Bureau of Investigation — NSA, CISA, and FBI — were all set to expose over 50 tactics, techniques, and procedures Chinese state-sponsored cyber actors used when targeting U.S. and allied networks, along with advice for technical mitigations to confront this threat.
Blinken stated that the United States is working with its partners and allies to promote responsible state behaviour in cyberspace, counter cybercrime, and oppose digital authoritarianism. “We are also providing support to countries that are committed to building their capacity to protect their digital networks, investigate and impose consequences on malicious cyber actors, and participate in international conversations on cyber policy. These efforts will enhance global security and stability in cyberspace,” Blinken stated, adding that the State Department “is committed to driving this agenda forward, and we call upon all states that wish to see greater stability in cyberspace to join us in these efforts”.
An unprecedented group of allies and partners — including the European Union, the United Kingdom, Australia, Canada, New Zealand, Japan, and NATO — joined the United States in “exposing and criticizing the PRC’s Ministry of State Security’s malicious cyber activities”. This is the first time NATO has condemned PRC cyber activities.
“No one action can change China’s behavior in cyberspace and neither can just one country acting on its own. Our allies and partners are a tremendous source of strength and a unique American advantage, and our collective approach to cyber threat information sharing, defense. Hence, these efforts — our cooperation with the EU, NATO, and the Five Eyes countries in this effort — will allow us to enhance and increase information sharing, including cyber threat intel and network defense information with public and private stakeholders, and expand diplomatic engagement to strengthen our collective cyber resilience and security cooperation,” a senior administration official said.
– global bihari bureau
