The United States government is blaming China for a cyber attack against Microsoft. The U.S., the National Atlantic Treaty Organization (NATO), and the European Union (E.U.) are accusing China’s Ministry of State Security of using “criminal contract hackers” to disrupt activities around the world and to make money.
“This irresponsible and harmful behavior resulted in security risks and significant economic loss for our government institutions and private companies, and has shown significant spillover and systemic effects for our security, economy and society at large,” Josep Borrell Fontelles, the E.U.’s Foreign Policy Chief, said. “These activities can be linked to the hacker group.”
“These contract hackers cost governments and businesses billions of dollars in stolen intellectual property, ransom payments, and cybersecurity mitigation efforts, all while the MSS had them on its payroll,” Secretary of State Antony J. Blinken said.
“What we found really surprising and new here was the use of criminal contract hackers to conduct this unsanctioned cyber operation and really the criminal activity for financial gain. That was really eye-opening and surprising for us,” a senior administration official said.
Borrell Fontelles wants the Chinese government to “take all appropriate measures and reasonably available and feasible steps to detect, investigate and address the situation.”
According to CSO Online, at least 30,000 organizations were harmed in the Microsoft Exchange Server hacking in March 2021.
The Microsoft Threat Intelligence Center (MSTIC) said that a Chinese hacking group, Hafnium, is responsible for the cyberattack.
“After exploiting these vulnerabilities to gain initial access, HAFNIUM operators deployed web shells on the compromised server. Web shells potentially allow attackers to steal data and perform additional malicious actions that lead to further compromise,” Microsoft wrote in a blog in March.
The Department of Justice announced on Monday that a federal grand jury indicted four Chinese nationals for planning to hack computer systems of companies, universities, and the government between 2011 and 2018. The group is accused of stealing trade secrets and confidential business information.
“My understanding is that the Chinese government, not unlike the Russian government, is not doing this themselves, but are protecting those who are doing it, and maybe even accommodating them being able to do it. That may be the difference,” President Joe Biden said.
Three of them men worked for the Hainan State Security Department.
An advisory was issued by the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and Cybersecurity and Infrastructure Security Agency (CISA) on Monday. The agencies believe that China’s hacking is a “major threat” to the United States and its allies.
In May, President Biden issued an executive order for his cyber strategy to combat the rise in cyber attacks, and the Department of Justice has vowed to prioritize some cyberattacks on the same level as terrorism.