US, allies accuse China of global cyberhacking campaign, offer $10m for leads on foreign hackers

*The White House announces the United States and countries around the world are holding the People’s Republic of China accountable for its ‘pattern of irresponsible, disruptive, and destabilising behaviour in cyberspace’

*But Chinese spyware code was copied from America’s NSA, say researchers

Gbenga Kayode | ConsumerConnect

Against the backdrop of the increasing wave of cyberattacks and attendant socio-economic consequences on individuals, businesses, organisations and governments in recent times, the United States (US) and a coalition of allies have accused China’s Ministry of State Security of a global cyber hacking campaign.

ConsumerConnect learnt they specifically, have attributed a large Microsoft attack disclosed earlier this year to hackers working on Beijing’s behalf, agency report said.

Administration officials in a statement Monday, July 19, 2021, formally blamed the Chinese government “with high confidence” for the hack that hit businesses and government agencies in the United States using a Microsoft email service.

Chinese hack concept   Photo: Getty Images

Microsoft has already accused China of responsibility in this regard.

A White House fact sheet released Monday also stated that in opening a new area of tensions with China, the United States is being joined by the North Atlantic Treaty Organisation (NATO), the European Union (EU), Britain, Australia, Japan, New Zealand and Canada to prefer the allegations.

US Secretary of State Anthony Blinken in the statement said: “The United States and countries around the world are holding the People’s Republic of China accountable for its pattern of irresponsible, disruptive, and destabilising behaviour in cyberspace, which poses a major threat to our economic and national security.”

Similarly, the US Justice Department Monday announced that four Chinese nationals were charged for a global hacking campaign, aimed at dozens of companies, universities and government agencies in the United States and abroad between 2011 and 2018 that focused on information that would significantly benefit Chinese companies and businesses.

Agency report indicates that the opening of a new front in the governments’ war against hacking comes a month after G7 and NATO leaders agreed with President Joe Biden at summits in Cornwall, England, and Brussels in accusing China of posing systemic challenges to the world order.

The US Secretary of State further said that the governments formally attributed intrusions exploiting vulnerabilities in the Microsoft Exchange Server that were disclosed March this year “cyber actors affiliated with” China’s Ministry of State Security.

Blinken cited the indictment of the three security officers and the hacker as an instance of how the United States will impose consequences.

The Chinese Embassy in Washington did not immediately respond to a request for comment, reports Reuters.

However, Chinese officials have previously maintained that China is also a victim of hacking and opposes all forms of cyberattacks.

But a senior administration official has disclosed that the US federal agencies, including the National Security Council, the FBI and the National Security Agency, will outline more than 50 techniques and procedures that “China state-sponsored actors” use in targeting US networks.

The 31-page US cybersecurity advisory was quoted to have revealed Chinese state-sponsored cyber actors “consistently scan target networks” for critical and high vulnerabilities within days of the vulnerability’s public disclosure.

The US administration officials said the scope and scale of hacking attributed to China has surprised them, along with China’s use of “criminal contract hackers.”

“The PRC’s Ministry of State Security (MSS) has fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain,” Blinken noted.

The United States, report said, in recent months has focused full attention on Russia in accusing Russian cyberhackers of a string of ransomware attacks in the country.

US offers $10million for tips overseas hackers

Meanwhile, the United States is offering $10 million for pieces of information that can help to identify or locate threat actors acting on behalf of foreign governments to target critical infrastructure in the country.

The Department of State in a recent statement said: “The U.S. Department of State is offering a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against US critical infrastructure in violation of the Computer Fraud and Abuse Act (CFAA).”

Since its inception in 1984, the Rewards for Justice (RFJ) programme has paid in excess of $200 million to more than 100 people across the globe, report said.

The US has set up a Tor-based tips-reporting channel to protect the safety and security of potential sources.

The statement noted: “Certain malicious cyber operations targeting U.S. critical infrastructure may violate the CFAA.

“Violations of the statute may include transmitting extortion threats as part of ransomware attacks; intentional unauthorised access to a computer or exceeding authorised access and thereby obtaining information from any protected computer; and knowingly causing the transmission of a programme, information, code, or command, and as a result of such conduct, intentionally causing damage without authorisation to a protected computer.

“Protected computers include not only US government and financial institution computer systems, but also those used in or affecting interstate or foreign commerce or communication.”

Kindly Share This Story