



WASHINGTON The Biden administration formally accused the Chinese government on Monday of violating Microsoft messaging systems used by many of the world’s largest companies, governments and military contractors, as the United States joined a large group of allies, including all NATO members, to condemn Beijing for cyberattacks around the world.

The United States has for the first time accused China of paying criminal groups to carry out large-scale hacks, including ransomware attacks to extort millions of dollars from companies, according to a White House statement. Microsoft had singled out hackers linked to China’s State Security Ministry for exploiting loopholes in the company’s messaging systems in March; The United States’ announcement on Monday morning was the first suggestion that the Chinese government had hired criminal groups to hack tens of thousands of computers and networks around the world for significant repair costs for its victims mainly in the industry. private, according to the White House.

Secretary of State Antony J. Blinken said in a statement Monday that China’s State Security Ministry has fostered an ecosystem of criminal hackers who carry out both state-sponsored activities and cybercrime for their own financial gain.

These hackers have cost governments and businesses billions of dollars in stolen intellectual property, ransom payments and cybersecurity mitigation efforts, while MSS had them on its payroll, Blinken said. .

The condemnation of NATO and the European Union is unusual, as most of their member countries have been deeply reluctant to publicly criticize China, a major trading partner. But even Germany, whose companies have been hit hard by hacking into Microsoft Exchange messaging systems that companies maintain themselves, rather than putting them in the cloud, cited the Chinese government for its work.

We call on all states, including China, to respect their international commitments and obligations and to act responsibly in the international system, including in cyberspace, according to a NATO statement.

Despite the mess, the ad lacked sanctions similar to those the White House imposed on Russia in April, when it blamed the country for the massive SolarWinds attack that hit U.S. government agencies and more than 100 companies. (The Department of Justice on Friday unveiled a May indictment against Chinese residents with a campaign to hack the computer systems of dozens of businesses, universities and government entities in the United States between 2011 and 2018. The hackers developed shell companies to hide any role the Chinese government had supported the operation, according to the Justice Department.)

By imposing sanctions on Russia and organizing allies to condemn China, the Biden administration has plunged deeper into a digital cold war with its two main geopolitical adversaries than at any time in modern history.

While there is nothing new about digital espionage on Russia and China and Washington’s efforts to block it, the Biden administration has been surprisingly aggressive in calling out the two countries and organizing a coordinated response.

But so far, he has yet to find the right mix of defensive and offensive actions to create effective deterrence, according to most outside experts. And the Russians and the Chinese have become more daring. The SolarWinds attack, one of the most sophisticated ever detected in the United States, was an effort by the main Russian intelligence service to modify the code of widely used network management software to access more than 18,000 businesses, federal agencies and think tanks.

Update

July 16, 2021, 7:55 p.m. ET

China’s effort was not as sophisticated, but it took advantage of a vulnerability that Microsoft had not discovered and used it to conduct espionage and undermine confidence in the security of systems that Microsoft had not discovered. companies use it for their primary communications. It took months for the Biden administration to develop what officials say is great confidence that the hack into Microsoft’s messaging system was done at the behest of the Department of State Security, the senior official said. administration, and encouraged by private actors who had been hired by Chinese intelligence.

The last time China was caught in such large-scale surveillance was in 2014, when it stole more than 22 million security clearance files from the Bureau of Personnel Management, allowing for an understanding depth of the lives of Americans who are allowed to keep nations a secret.

President Biden has vowed to fortify the government, making cybersecurity a goal of his summit meeting in Geneva with Russian President Vladimir V. Putin last month. But her administration was faced with questions about how she would also deal with the growing threat from China, especially after Microsoft’s hack was publicly exposed.

Speaking to reporters on Sunday, the senior administration official admitted that China’s public condemnation would do little to prevent future attacks.

No action can change China’s behavior in cyberspace, the official said. And a single country could not act alone either.

But the decision not to impose sanctions on China was also revealing: it was a step many allies would not agree to take.

Instead, the Biden administration decided to rally enough allies to join in on China’s public denunciation to maximize pressure on Beijing to reduce cyber attacks, the official said.

The joint statement criticizing China, to be released by the United States, Australia, Britain, Canada, the European Union, Japan and New Zealand, is unusually broad. It is also the first NATO statement to publicly target Beijing for cybercrime.

The National Security Agency, the FBI and the Cybersecurity and Infrastructure Security Agency also issued an advisory on Monday warning that the Chinese hack posed a major threat to the United States and its allies. China’s targets include political, economic, military and educational institutions, as well as critical infrastructure.

Government-hired criminal groups aim to steal sensitive data, critical technologies and intellectual property, according to the advisory.

The FBI took an unusual step in hacking Microsoft: in addition to investigating the attacks, the agency obtained a court order allowing it to enter unpatched corporate systems and remove items from code left by Chinese hackers that could allow tracking attacks. . It was the first time the FBI had intervened to remedy an attack and investigate its perpetrators.

