U.S. accuses China of abetting cybercrime, ransomware attacks conducted

The White House on Monday stated that hackers employed by the Chinese intelligence played a role in using ransomware to extort U.S. businesses.

The United States and its allies, including the European Union, NATO, the U.K., Australia, and Japan, have been collaborating in condemning the Chinese government for “malicious cyber activity”, a senior White House official told reporters on a call Sunday night.

It is a significant stride in a  decade-long effort by the U.S. to overcome Chinese government hacking. Additionally, it is a demonstration of the tactic adopted by the Biden administration, working towards enlisting allies to coerce a change in behavior from China, after an array of unilateral decisions seen under the Trump presidency.

“The compromise and exploitation of the Microsoft Exchange server undermined the security and integrity of thousands of computers and networks worldwide,” the Council of the European Union said in a published statement Monday. “This irresponsible and harmful behavior resulted in security risks and significant economic loss for our government institutions and private companies, and has shown significant spill-over and systemic effects for our security, economy, and society at large.”

When approached for a comment, the spokesperson for China’s consulate in New York City was not too prompt in his response.

The joint announcement focuses on the discovery and subsequent exploitation of an apparent flaw in Microsoft’s Exchange software this year, the official said.

The hackers- identified by the U.S. government and private cybersecurity experts as likely affiliates of China’s Ministry of State Security- initiated their use of the flaw in January, hacking into companies supposedly as a part of a conventional spying operation by China. Whereas, other hackers misused the flaw to launch ransomware attacks.

The announcement on Monday serves to be the first instance of the U.S. accusing China of abetting ransomware attackers. Previously, there have been accusations against some hackers working for Chinese intelligence of using their skills to engage in cybercrime to learn some extra money.

A shadow of unclarity surrounds the success of the ransomware attacks or whether the MSS hackers were the ones to launch this attack or relied on cybercriminal affiliates. But, it is clear that demands have been made, the official said.

“In some cases, we’re aware where [People’s Republic of China] government-affiliated cyber operators have conducted ransomware operations against private companies that have included ransom demands of millions of dollars,” the official said.