Virtual Event Today: Cloud & Data Security Summit - Join Event In-Progress
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

China Says Washington Hack Claims ‘Fabricated’, Condemns US Allies

China on Tuesday said the US had “fabricated” allegations it carried out a massive Microsoft hack, countering that Washington was the “world champion” of cyber attacks while raging at American allies for signing up to a rare joint statement of condemnation.

China on Tuesday said the US had “fabricated” allegations it carried out a massive Microsoft hack, countering that Washington was the “world champion” of cyber attacks while raging at American allies for signing up to a rare joint statement of condemnation.

The United States on Monday accused Beijing of carrying out the March cyber attack on Microsoft Exchange, a top email server for corporations around the world, and charged four Chinese nationals over the “malicious” hack.

US Secretary of State Antony Blinken said the attack was part of a “pattern of irresponsible, disruptive and destabilizing behavior in cyberspace”.

China’s Ministry of State Security, or MSS, “has fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain”, Blinken said in a statement.

In a simultaneous announcement, the US Department of Justice said four Chinese nationals had been charged with hacking the computers of dozens of companies, universities and government bodies in the United States and abroad between 2011 and 2018.

President Joe Biden told reporters the United States was still completing an investigation before taking any countermeasures, and drew parallels with the murky but prolific cybercrime attributed by Western officials to Russia.

Advertisement. Scroll to continue reading.

“The Chinese government, not unlike the Russian government, is not doing this themselves, but are protecting those who are doing it, and maybe even accommodating them being able to do it,” Biden told reporters.

In an effort to put the diplomatic squeeze on Beijing, the United States coordinated its statement Monday with allies — the European Union, Britain, Australia, Canada, New Zealand, Japan and NATO.

China hit back, calling the allegations of a Beijing-supported cyber-attack campaign “fabricated”.

“The US has mustered its allies to carry out unreasonable criticisms against China on the issue of cybersecurity,” foreign ministry spokesman Zhao Lijian told reporters in Beijing.

“This move is fabricated out of nothing.”

Earlier, China’s diplomatic missions around the world rattled out rebuttals, as Beijing made its own coordinated defence.

The Chinese embassy in New Zealand called the allegations “totally groundless and irresponsible” while the embassy in Australia accused Canberra of “parroting the rhetoric of the US”.

“It is well known that the US has engaged in unscrupulous, massive and indiscriminate eavesdropping on many countries including its allies,” the embassy said in a statement.

“It is the world champion of malicious cyber attacks.”

– NATO solidarity –

Biden, like his predecessor Donald Trump, has ramped up pressure on China, seeing the rising Asian power’s increasingly assertive moves at home and abroad as the main long-term threat to the United States.

Allies backed up the castigation of China, with British Foreign Secretary Dominic Raab describing the cyberattack as “reckless”.

NATO offered “solidarity” over the Microsoft hacking without directly assigning blame.

State Department spokesman Ned Price said it was the first time that NATO — the Western military alliance whose members include Hungary and Turkey, which have comparatively cordial relations with Beijing — has condemned cyber activity from China.

“We know we’ll be stronger, we know we’ll be more effective when we act collectively,” Price said, saying the United States was not ruling out further action.

Biden has promised a strategy driven by alliances to face Beijing, drawing a contrast with Trump’s predilection for harsh rhetoric.

– Billions seen lost –

The Microsoft hack, which exploited flaws in the Microsoft Exchange service, affected at least 30,000 US organisations including local governments as well as organizations worldwide.

“Responsible states do not indiscriminately compromise global network security nor knowingly harbor cyber criminals — let alone sponsor or collaborate with them,” Blinken said in his statement.

“These contract hackers cost governments and businesses billions of dollars in stolen intellectual property, ransom payments, and cybersecurity mitigation efforts, all while the MSS had them on its payroll.”

Accusations of cyberattacks against the United States have recently focused on Russia, rather than China.

US officials say that many of the attacks originate in Russia, although they have debated to what extent there is state involvement. Russia denies responsibility.

Related: ‘Five Eyes’ Nations Blame China for APT10 Attacks

Related: More Countries Officially Blame Russia for SolarWinds Attack

Related: UK, US, Canada Accuse Russia of Hacking Virus Vaccine Trials

Written By

AFP 2023

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

Jazz has named Sean Robinson, Rickie Goyal, Danielle Guetta, Shani Nago, and Lior Magram as VPs and Michael Calev as COO.

AJ Shipley has been appointed Chief Product Officer at CrowdStrike.

Brinqa has named Ron Dovich as Chief AI and Automation Officer, David Allen as CTO, Steve Biagioni as CFO, and James Walta as VP of Product.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.