
Biden Administration Blames Hackers Tied To China For Microsoft Cyberattack Spree

Four Chinese nationals were indicted over separate hacking activity; dozens of nations condemn Beijing’s state-sponsored hacking.

The Biden administration publicly blamed hackers affiliated with China’s main intelligence service for a far-reaching cyberattack on Microsoft Corp. email software this year, part of a global effort by dozens of nations to condemn Beijing’s malicious cyber activities.

The U.S. government has high confidence that hackers tied to the Ministry of State Security, or MSS, carried out the unusually indiscriminate hack of Microsoft Exchange Server software that emerged in March, senior officials said.

In addition, four Chinese nationals were indicted over a range of separate hacking intrusions dating back a decade that allegedly stole corporate and research secrets from firms and universities around the world. Three of the nationals were described as MSS officers, while a fourth was said to be employed at a Chinese front company that aided the hacking.

“The United States and countries around the world are holding the People’s Republic of China (PRC) accountable for its pattern of irresponsible, disruptive, and destabilizing behavior in cyberspace, which poses a major threat to our economic and national security,” Secretary of State Antony Blinken said Monday. The MSS, he added, had “fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain.”

The U.K. and European Union, among others, joined in the attribution of the Microsoft Exchange Server hacking activity, which rendered an estimated hundreds of thousands of mostly small businesses and organizations vulnerable to cyber intrusion. Attributing the Microsoft hack to China was part of a broader global censure Monday of Beijing’s cyberattacks by the U.S., the EU, the U.K., Canada, Australia, New Zealand, Japan and the North Atlantic Treaty Organization, or NATO, a 30-nation alliance.

Biden administration officials called the collective condemnation the largest international effort yet to criticize Beijing’s state-sponsored hacking. While statements varied, the international cohort generally called out China for engaging in harmful cyber activity, including intellectual property theft.

The public shaming, however, didn’t include punitive measures, such as sanctions or diplomatic expulsions by the U.S. That stands in contrast with how the administration recently punished Russia for a range of alleged malicious cyber activity, and the discrepancy drew criticism from some cybersecurity specialists.

The lack of further punishment “looks like a double standard compared with actions against Russian actors. We treat China with kid gloves,” said Dmitri Alperovitch, chairman of Silverado Policy Accelerator, a Washington-based think tank that works to modernize U.S. cybersecurity strategy.

A senior official said that the administration is aware that no single action is capable of changing the Chinese government’s malicious cyber behavior, and that the focus was on bringing countries together in a unified stance against Beijing. The official said that hackers linked to the MSS were using criminal contractors to conduct “unsanctioned” cyber operations globally.

Asked by reporters what he believes the difference is between hacking originating in China and Russia, President Biden said, “My understanding is that the Chinese government, not unlike the Russian government, is not doing this themselves, but are protecting those who are doing it, and maybe even accommodating them being able to do it.”

The U.S.-led announcement is the most significant action from the Biden administration to date concerning China’s yearslong campaign of cyberattacks against the U.S. government and American companies, often involving routine nation-state espionage and the theft of valuable intellectual property such as naval technology and coronavirus-vaccine data.

The indictment the Justice Department made public Monday alleges that the Chinese government has done little to uphold a 2015 accord between China and the Obama Administration not to direct or support cyberattacks that steal corporate records for economic benefit. The Trump administration had also said Beijing repeatedly violated the accord. The indictment, which dates from May, accuses a regional branch of the MSS of relying on a front company, whose payroll was coordinated through a local university, to continue such attacks after the pact was signed.

The indictment charges the four men with orchestrating a hacking campaign from 2011 to 2018 intended to benefit China’s companies and commercial sectors by stealing intellectual property and business information. The indictment didn’t appear directly related to the Microsoft Exchange Server breach, but accused the hackers of stealing information from dozens of companies and universities around the world about Ebola virus research, maritime research and other topics.

U.S. authorities have accused China of widespread hacking targeting American businesses and government agencies for years. China has historically denied the allegations. A spokesman for the Chinese Embassy in Washington didn’t immediately respond to a request for comment.

The Exchange Server hack was disclosed by Microsoft in March alongside a software patch to fix the bugs being exploited in the attack.

Microsoft at the time identified the culprits as a Chinese cyber-espionage group with state ties that it refers to as Hafnium, an assessment that was supported by other cybersecurity researchers. The Biden administration hadn’t offered attribution until now, and it is essentially agreeing with the conclusions of the private sector and providing a more detailed identification.

The attack on the Exchange Server systems began slowly and stealthily in early January by hackers who in the past had targeted infectious-disease researchers, law firms and universities, according to cybersecurity officials and analysts. But the operational tempo appeared to intensify as other China-linked hacking groups became involved, infecting thousands of servers as Microsoft worked to send its customers a software patch in early March.

Microsoft praised Monday’s global action. “Attributions like these will help the international community ensure those behind indiscriminate attacks are held accountable,” said Tom Burt, Microsoft’s vice president of customer security and trust.

Also on Monday, the National Security Agency, Federal Bureau of Investigation and Cybersecurity and Infrastructure Security Agency jointly published technical details of more than 50 tactics and techniques favored by hackers linked to the Chinese government. The release of such lists is common when the U.S. exposes or highlights malicious hacking campaigns and is intended to help businesses and critical infrastructure operators better protect their computer systems.

‘Failure to sanction any PRC-affiliated actors has been one of the most prolific and baffling failures of our China policy that has transcended administrations.’
— Dmitri Alperovitch, Silverado Policy Accelerator

Cybersecurity experts have been pressing the Biden administration for months to respond to China’s alleged involvement in the Microsoft email hack.

“The Microsoft Exchange hacks by MSS contractors is the most reckless cyber operation we have yet seen from the Chinese actors—much more dangerous than the Russian SolarWinds hacks,” said Silverado’s Mr. Alperovitch, referring to the widespread cyber-espionage campaign detected last December that, along with other alleged activities, prompted a suite of punitive measures against Moscow.

Many analysts said the Biden administration broke with years of U.S. foreign policy that tolerated cyber espionage as an acceptable form of 21st century spycraft when it punished Russia earlier this year for SolarWinds.

Kellen Dwyer, a former career prosecutor who served last year as deputy assistant attorney general in the Justice Department’s national security division, said the SolarWinds attack “was an espionage attack, and one that was relatively cautious about imposing collateral damage.”

Meanwhile, said Mr. Dwyer, the Chinese actors who allegedly engaged in the Microsoft Exchange hack grabbed vast swaths of data and “indiscriminately scanned the entire internet to find unpatched vulnerabilities.” He said: “That certainly should be a norm that we are willing to define and meet with sanctions.”

The Chinese defendants charged in the new indictment aren’t in U.S. custody. Some cybersecurity experts have said indictments against foreign state-backed hackers often have little impact, because the accused are rarely brought before an American courtroom. U.S. officials have defended the practice, saying it helps convince allied governments, the private sector and others about the scope of the problem.

The hackers are accused of breaching dozens of schools, companies, and government agencies around the world, ranging from a research facility in California and Florida focused on virus treatments and vaccines, to a Swiss chemicals company that produces maritime paints, to a Pennsylvania university with a robotics engineering program and the National Institutes of Health, to two Saudi Arabian government ministries. The companies and universities aren’t named in the indictment.

The hackers allegedly used fake spear-phishing emails and stored stolen data on GitHub, concealing the files in photos of a koala and Donald Trump, the indictment said. They coordinated with professors at a Chinese university, including to identify and recruit hackers for their campaign, and used the address of the university library as the front company’s location, it said.

Updated: 7-25-2021

Biden Team Has No Immediate Plan To Sanction China Over Hacks

The Biden administration has no immediate plans to levy economic sanctions on Chinese officials in response to the Microsoft Exchange hack that the U.S. blames on Beijing, according to people familiar with the matter.

Some in the administration cite concern that sanctions wouldn’t be as effective as other approaches in deterring future cyber attacks by China, according to two people who spoke on condition of anonymity to describe internal deliberations. But the U.S. hasn’t ruled out the possibility of sanctions in the future, they said.

For now, the U.S. sees the most effective response to China as joining with other countries to publicly expose and criticize the scale of Beijing’s cyber activities. The U.S., U.K., North Atlantic Treaty Organization and other allies on Monday formally attributed the Microsoft Exchange hack to actors affiliated with the Chinese government.

The White House communications staff declined to comment.

An effective sanctions strategy would be for a global coalition to impose economic and financial restrictions, the people said. But there are no current plans for coordinated action on sanctions, one person familiar with the deliberations said.

The attack against Microsoft Corp.’s Exchange email servers took place over the course of two weeks between late February and early March.

The group of nations that criticized China, which includes Australia, Canada, New Zealand and Japan, accused Beijing’s leadership of a broad array of “malicious cyber activities,” saying the Chinese government has been behind a series of data theft and cyber espionage attacks against public and private entities. They specifically cited the sprawling Microsoft Exchange hack earlier this year.

If the Biden administration were to act unilaterally on sanctions, officials say that any Chinese officials the U.S. could target aren’t likely to have assets in dollars or plans to visit the U.S., diminishing the impact, people familiar with the matter said.

Diminishing Effectiveness

President Joe Biden’s team is concerned that sanctions issued merely as punishment, rather than to change the behavior of adversaries, could undermine the effectiveness of sanctions in the future. That leaves public criticism as the administration’s primary first response to the Exchange hack.

China has rejected accusations by the U.S. and allies that actors linked to its government were behind the Exchange hack and other such attacks.

“The U.S. ganged up with its allies and launched an unwarranted accusation against China on cybersecurity,” Chinese Foreign Ministry spokesman Zhao Lijian said earlier this week. “It is purely a smear and suppression out of political motives. China will never accept this.”

The U.S. and China have increasingly been at odds over a range of issues, including economic and military matters. Those tensions were also on display last week when the administration warned investors about the risks of doing business in Hong Kong with an advisory saying China’s push to exert more control over the financial hub threatens the rule of law and endangers employees and data.

China imposed retaliatory sanctions against the U.S. over the Hong Kong business warning, the Ministry of Foreign Affairs said late Friday. The country imposed sanctions against seven individuals, including former President Donald Trump’s commerce secretary, Wilbur Ross.

White House Press Secretary Jen Psaki criticized China for imposing sanctions. “We’re undeterred by these actions, we remain fully committed to implementing all relevant U.S. sanctions authorities,” Psaki told reporters.


Monty H. & Carolyn A.
