The United States and its main allies are accused the Chinese government for the first time hiring troops to carry out cyber attacks in the West. Attacks on China include the recent hacking of Microsoft Exchange, a major and widespread breach that gave attackers access to an estimated 30,000 organizations ’email servers in the United States alone.
The Microsoft Exchange attack was originally blamed on Hafnium, a Chinese state-backed hacking group. White House senior official said Financial Times that the U.S. government had “great confidence” that Exchange hackers were paid by the Chinese State Security Department.
“[China’s] “MSS – the state’s Department of Homeland Security – uses criminal hackers to conduct unpunished cyber operations worldwide, including for their own personal gain,” the official said.
China was accused by the United States, the EU, the United Kingdom, Australia, Canada, New Zealand, Japan and NATO, reports Bloomberg news.
Inside something press release, The European Union said these and other attacks were related to hacking groups known as Advanced Persistent Threat 40 and Advanced Persistent Threat 31 (these identifiers are used by cyber security professionals to monitor the activities of well-known organizations). United Kingdom National Cyber Security Center (NCSC) said that the APT40 group had targeted “the maritime industry and naval defense contractors in the United States and Europe,” while the APT30 had attacked “governing bodies, including the Finnish Parliament in 2020”.
“The attack on Microsoft Exchange servers is another serious example of the malicious behavior of Chinese state-backed actors in cyberspace,” NCSC Chief Operating Officer Paul Chichester said in a press release. “Such behavior is completely unacceptable, and we don’t hesitate to call it alongside our partners when we see it.”
Cyber attacks and blackmail malware have been on the rise in recent years, and hacker forces have apparently targeted larger organizations. This year alone, hackers have targeted America the largest supplier of meat and central oil pipe, although in both cases the responsible groups are assumed to be based in Eastern Europe and probably in Russia.
Russia was also accused of hacking SolarWinds in 2020, which insulted several U.S. federal government units and to which the U.S. responded new economic sanctions.
However, the announcement released today does not contain similar sanctions against China for its role in the Microsoft Exchange attack (although they may follow). The U.S. Department of Justice, however inform criminal charges against four hackers sponsored by China’s MSS for a “multi-year campaign targeting foreign governments and a dozen countries in key sectors such as shipping, aviation, defense, education and health.
The most significant feature of today’s accusation, on the other hand, is the broad alliance of countries that publicly condemn China. It is also the first time the NATO military alliance has officially accused the country of organizing cyber attacks.