President Joe Biden on Monday said China was worse than Russia on cyber crime because they are ‘accommodating’ hackers while the Kremlin is not.
Earlier in the day, the Biden administration led a worldwide condemnation of China for state-sponsored ransomware attacks, accusing Beijing of a ‘pattern of malicious cyber activities’ that poses a ‘major threat to U.S. and allies’ economic and national security.’
The administration also announced it has determined that China was behind the April hack of the Microsoft Exchange Servers, which affected thousands of users and American businesses. The cyber criminals hit more than 30,000 servers in the US alone and hundreds of thousands worldwide.
‘My understanding is that the Chinese government, not unlike the Russian government, is not doing this themselves but are protecting those who are doing it and maybe even accommodating them being able to do it. That may be the difference,’ Biden told reporters at the White House.
The U.S. has struggled to respond to the surge of cyber attacks against private companies, including the ransomware of Colonial Pipeline and JBS meat supplier – both of whom were targets of Russian-based cyber criminals. Prices of gas and meat went up in the aftermath with both companies paying millions in ransom against the advice of the U.S. government.
But, despite the concern, the U.S. and its allies are taking no formal actions against China but, instead, is raising awareness of its activity. Russia was subject to U.S. sanctions for its malicious cyber activity.
When asked why China wasn’t being punished, Biden said: ‘They’re still determining exactly what happened. Investigation is not finished.’
He said he was getting a briefing on the matter Tuesday.
A senior administration official told reporters on a briefing call Sunday night that the U.S. was first trying to put the spotlight on China’s activities.
‘We’re at that first important stage of bringing awareness,’ the official said.
‘The U.S. and our allies and partners are not ruling out further actions to hold the PRC [People’s Republic of China] accountable,’ the official added.
President Joe Biden said China was worse than Russia on cyber crime because they are ‘accommodating’ hackers while the Kremlin is not.
China is doing the ransomware attacks for its own financial gain, the White House charged, using contractors to do their cyber dirty work.
China is using ‘criminal contract hackers to conduct unsanctioned cyber operations globally, including to their own personal profit,’ the senior administration official said.
The United Kingdom, European Union, Australia, Canada, New Zealand, Japan, and NATO joined in the condemnation of Beijing as cyber hacks are surging around the world.
China is using cyberattacks as a way to advance its economy and become the dominant global superpower, the Justice Department has previously charged.
On Monday, the Justice Department made public that a federal grand jury in San Diego, California, indicted four Chinese nationals who hacked into the computer systems of dozens of victim companies, universities and government entities in the United States and abroad between 2011 and 2018.
The indictment ‘alleges that much of the conspiracy’s theft was focused on information that was of significant economic benefit to China’s companies and commercial sectors, including information that would allow the circumvention of lengthy and resource-intensive research and development processes,’ the DoJ said in a statement. It does not appear related to the Microsoft hack.
The US and its allies accused China’s Ministry of State Security of hiring contract cyber operators to conduct ransomware operations against private companies that include financial demands and millions of dollars.
Those companies include managed service providers, semiconductor companies, the Defense Industrial Base (DIB), universities, and medical institutions, according to the Biden administration.
These hackers are using a range of criminal activities – including cyber-enabled extortion, crypto-jacking, and theft from victims around the world – for their financial gain.
China has previously denied all hacking allegations.
But the senior administration official said the White House was concerned about the ‘aggressive behavior’ coming out China and has discussed the matter with senior officials in the Chinese government.
‘What we found really surprising and new here was the use of criminal contract hackers to conduct this unsanctioned cyber operation and really the criminal activity for financial gain. That was really eye-opening and surprising for us,’ the official said.
As part of its strike back, US government agencies exposed more than 50 tactics techniques and procedures Beijing is using to conduct these acts along with suggestions to mitigate them.
In Microsoft’s case, the company said four vulnerabilities in its software allowed hackers to access servers. Both the company and the White House encouraged users to update their systems with the fixes. Microsoft publicly linked the hack to China in March.
Monday is the first time the government has done, saying it has a ‘high degree of confidence’ that Beijing was behind it.
Additionally, there was at least one American company had been targeted for a ‘large’ ransom by Chinese hackers who asked for millions, the administration revealed, but declined to provide further details.
The U.S. accused China of hiring contract cyber hackers for financial gain; above Chinese President Xi Jinping speaks on the 100th anniversary of the founding of the Communist Party of China
Ransomware attacks are surging worldwide
Russia has garnered the most attention for cyber hacking.
REvil – a Russian-based group of cyber hackers – earlier this month instigated the single, largest global ransomware attack on record when it crippled hundreds of companies worldwide.
REvil was able to breach Kaseya, a Miami-based IT firm, and use their malware protection product to target, it claims, up to 1 million different businesses in at least 17 different countries. Kaseya provides services to more than 40,000 organizations.
The senior administration official said the Chinese government’s use of contract hackers made it unique from Russia where many of the hackers operate independent of the government. The ‘criminal contract hackers to conduct unsanctioned cyber operations globally is distinct,’ the official said.