For the first time, the United States of America and its key allies have accused the Chinese government of hiring hacker groups to carry out cyberattacks in the West. Among such attacks attributed to China is the recent hacking of Microsoft Exchange. This significant and widespread attack gave attackers access to the email servers of approximately 30,000 organizations in the United States alone.
The attack on Microsoft Exchange was initially blamed on the Chinese-sponsored Hafnium hacker group. A senior White House official told reporters during a briefing over the weekend that the US government is “quite confident” that the hackers behind this on Exchange are being paid by the Chinese government.
“The [Chinese] MGB – Ministry of State Security – uses criminal contract hackers to conduct unauthorized cyber operations around the world, including for personal gain,” the official said. “Their operations include criminal activities such as cyberspace extortion, cryptojacking and theft from victims around the world for financial gain.”
The US, EU, UK, Australia, Canada, New Zealand, Japan, and NATO have brought charges against China.
In a press statement, the European Union noted that these and other attacks were associated with hacker groups known as Advanced Persistent Threat 40 and Advanced Persistent Threat 31 (these shortcuts are used by cybersecurity professionals to track the activities of prominent organizations). The UK’s National Cyber Security Center (NCSC) said the APT40 group is targeting “the maritime industry and naval defense contractors in the US and Europe,” while APT30 has targeted “government agencies, including the Finnish parliament in 2020.”
“The attack on Microsoft Exchange servers is another major example of cyber malice by Chinese government officials,” NCSC COO Paul Chichester said in a press statement.
The United States, together with partners, is considering the possibility of bringing China to justice for these violations. However, it has not yet been specified exactly what consequences the Chinese government should expect.
“The United States, our allies and partners do not rule out further actions to bring China to justice,” a senior White House official said during a briefing.
The US Department of Justice has already filed criminal charges against four hackers sponsored by the Chinese MGB for “a multi-year campaign targeting foreign governments and organizations in key sectors including maritime, aviation, defense, education and healthcare in at least a dozen countries.”