July 19, 2021
US Says China Pays Hackers to Launch Cyberattacks
Such hackers were behind the assault on Microsoft’s email systems. Also, authorities charged four alleged hackers reported to be backed by Beijing.
China’s government pays hackers to launch large-scale cyberattacks on businesses and other targets around the world, including the infamous recent assault on Microsoft’s email systems, leading to the extortion of millions of dollars, according to a statement from President Joe Biden’s administration.
NATO, the European Union and other U.S. allies joined the White House in asserting that China’s Ministry of State Security is in league with the hackers, which launch malware attacks that cripple computer systems until a ransom is paid. The accusations mark the first time the United States has formally accused China of paying cyber criminals to advance major hacking campaigns, according to The New York Times.
“Hackers with a history of working for the People’s Republic of China’s (PRC) Ministry of State Security (MSS) have engaged in ransomware attacks, cyber enabled extortion, crypto-jacking, and rank theft from victims around the world, all for financial gain,” the White House charged.
As the White House called out Beijing, the U.S. Department of Justice also announced criminal charges against four alleged hackers. Prosecutors believe contract hacker Wu Shurong and MSS officers Ding Xiaoyang, Cheng Qingmin and Zhu Yunmin perpetuated a multiyear hacking campaign in which they targeted foreign governments and entities across sectors that include maritime, aviation, defense, education and healthcare in at least a dozen countries, including the U.S.
The quartet of alleged criminals are accused of conspiracy to commit computer fraud and conspiracy to commit espionage, which carry a maximum sentence of 20 years in prison.
“DOJ documents outline how MSS hackers pursued the theft of Ebola virus vaccine research and demonstrate that the PRC’s theft of intellectual property, trade secrets, and confidential business information extends to critical public health information,” the White House said. “Much of the MSS activity alleged in the Department of Justice’s charges stands in stark contrast to the PRC’s bilateral and multilateral commitments to refrain from engaging in cyber-enabled theft of intellectual property for commercial advantage.”
Are you taking the cyber threats and con attempts aimed at your #promproducts business seriously? If not, you're risking a lot: https://t.co/FQgW9soGM5 @Tim_Andrews_ASI @ASI_MBell @asicentral
— Chris Ruvo (@ChrisR_ASI) June 22, 2021
While the DOJ has filed charges, the accused have not been arrested.
“No country or industry is safe,” Deputy Attorney General Lisa Monaco said. “Today’s international condemnation shows that the world wants fair rules, where countries invest in innovation, not theft.”
Meanwhile, the Biden administration and U.S. allies said that they have a “high degree of confidence” that MSS conducted cyber espionage operations that exploited Microsoft email vulnerabilities to compromise tens of thousands of computers and networks in what was a “massive operation that resulted in significant remediation costs for its mostly private sector victims,” of which there tens of thousands according to The New York Times.
“We have raised our concerns about both this incident and the PRC’s broader malicious cyber activity with senior PRC government officials, making clear that the PRC’s actions threaten security, confidence, and stability in cyberspace,” the Biden statement read.
A $70 million ransom demand & up to 1,500 businesses impacted. If you were hit in the latest major #ransomware attack, report it to the FBI, authorities say. https://t.co/S48unFqyDq @ASI_MBell @asicentral @TheresaHegel @Melissa_ASI
— Chris Ruvo (@ChrisR_ASI) July 6, 2021
Following the attack, which came to light in March, the federal government focused on ensuring the MSS-affiliated malicious cyber actors were expelled from public and private sector networks and the vulnerability was patched and mitigated to prevent the malicious cyber actors from returning or causing additional damage.
The White House said that the Biden administration is “working around the clock to modernize federal networks and improve the nation’s cybersecurity, including of critical infrastructure.” You can read more about those efforts here.
As of this writing, the White House had not announced sanctions or punishments for China for the alleged hacking campaigns.
Cybersecurity has been an issue of growing concern in 2021 as wide-reaching, high-profile hackings continue to occur. A criminal gang of hackers believed to be based in Russia or Eastern Europe recently executed an attack that impacted up to 1,500 companies, with the digital crooks demanding a $70 million payment to end the assault. In another cyberattack that happened in the late spring, the hacker group REvil snared an $11 million payment from JBS.