The United States, Canada, and many other countries officially accused China of massive hacking of Microsoft Exchange email server software on Monday, saying Beijing worked with criminal hackers in ransomware attacks and other cyber operations. I blamed you.
They did not impose sanctions on the Chinese government, but the announcement was intended as a strong condemnation of the activities of senior Biden administration officials, who were described as forming part of a “pattern of irresponsible behavior in cyberspace.” ..
The Canadian government estimates that as many as 400,000 servers have been compromised.
“This activity has put thousands of Canadian entities at risk, even with patches from Microsoft, in some cases continuing to risk,” said Bill Garneau, Foreign Minister Bill, in a statement. -Minister of Public Security Blair and Defense Minister Harjit Sajjan said.
“Canada is confident that the (China) Department of Homeland Security is responsible for the widespread breach of Exchange servers.”
The scope of cyber threats includes ransomware attacks by government-related hackers targeting victims who demand millions of dollars. US officials claim that the Chinese Department of Homeland Security is using criminal contract hackers engaged in cyber extortion programs and theft for their own benefit.
Meanwhile, the U.S. Department of Justice is working with the Department of Homeland Security on Monday in a hacking campaign targeting dozens of computer systems, including businesses, universities, and government agencies, four prosecutors said. Announced charges against the Chinese people. Defendants have been accused of stealing corporate secrets and confidential business information.
Unlike April, When the Russian hacking public pointing was paired with a raft of sanctions against Moscow, The Biden administration did not announce any action against Beijing.
Canada also refused to impose any kind of disciplinary action. But the United States confronted Chinese officials behind the scenes, hoping that Monday’s public shame would send an important message, a senior Biden administration official told reporters Monday.
The European Union and Britain also called for China. The EU said that malicious cyber activities with “significant impacts” targeting government agencies, political organizations, and key industries in the block’s 27 member states could be associated with China’s hacking groups. Said. The UK’s National Cyber Security Center said the group targeted the maritime industry and naval defense contractors in the US, European and Finnish parliaments.
See | Canadians have probably been hit by a massive Microsoft hack
In a statement, EU foreign policy director Josep Borrell said the hack was “made from Chinese territory for the purpose of intellectual property theft and espionage.”
“The cyberattack on Microsoft Exchange by a Chinese state-owned group was a reckless but familiar pattern of behavior,” said British Foreign Minister Dominic Raab.
NATO, in China’s first public condemnation of hacking activities, called on Beijing to uphold its international commitments and obligations and “act responsibly in international systems, including cyberspace.” The alliance said it was determined to “proactively stop, defend and counter the full range of cyber threats.”
It was surprising that a hacker belonging to the Department of Homeland Security was involved in ransomware, and he was concerned about the US government, a senior government official said. However, the attack on an unidentified American company with a high ransom demand also provided new insights into what U.S. officials described as “aggressive behavior as coming out of China.” ..
Most of the most devastating and high-profile ransomware attacks these days are related to Russian criminal gangs. The U.S. sometimes sees the relationship between Russian intelligence and individual hackers, but officials say the Chinese government’s use of criminal contract hackers is “different from performing unauthorized cyber operations globally.” Stated.
Monday’s recommendations from the FBI, the National Security Agency, the Cyber Security and Infrastructure Security Agency presented specific technologies and methods by which government agencies and businesses can protect themselves.
A spokesman for the Chinese embassy in Washington did not immediately return an email asking for comment on Monday. However, a spokesperson for the Ministry of Foreign Affairs of China has previously distracted the accusations of Microsoft Exchange hacking, stating that China “resolutely opposes and counters all forms of cyberattacks and theft,” and attributed cyberattacks. Warned that “it should be based on evidence, not groundless accusations.” “”
Canada’s cybersecurity agency also released a report last Friday outlining some of the threats foreign actors could pose during the next federal election, which Prime Minister Justin Trudeau is expected to call within a few weeks. Did.
Since 2015, the Communications Security Establishment Report has specifically condemned most of the online attacks and threats to democratic processes in Canada and other parts of the world against China, Russia and Iran.
Canada has good defenses and may not be the main target now, but the CSE said, “With strategic intent, the tools, capabilities, and political situation in the country to take action in the future. More actors understand it. ” “”
U.S. and Canada accused China of hacking Microsoft Exchange earlier this year
Source link U.S. and Canada accused China of hacking Microsoft Exchange earlier this year