According to a White House statement today, hackers working for the Chinese government are involved in ransomware attacks against businesses.
The announcement was part of a broader effort by the United States and a large group of allies, including the European Union, NATO, the United Kingdom, Australia and Japan, to condemn the Chinese government for "malicious cyber activity," a senior official said. of the White House to journalists.
The move marks a significant escalation of the US effort to crack down on Chinese government hackers. It is also an example of how the Biden government is trying to recruit allies in an effort to change China's behavior.
"The breach and exploitation of the server microsoft Exchange, undermined the security and integrity of thousands of computers and networks worldwideThe Council of the European Union said in a statement on Monday. "This irresponsible and harmful behavior has resulted in security risks and significant financial loss for our government institutions and our private companies and has caused significant leaks and systemic consequences for our security, economy and society in general.. "
The joint announcement largely concerns the discovery and exploitation of a flaw in Microsoft Exchange software this year, the official said.
The hackers were immediately identified by the US government and private security experts in the cyberspace are likely to be associated with Ministry of State Security of China ή MSS.
Monday's announcement marks the first time the United States has accused China of committing ransomware attacks.
It is not clear how successful the ransomware attacks were or whether the hackers working for the MSS carried them out directly or relied on cybercriminals. But the official said requests had been made.
Separately, the US Department of Justice has charged four individuals with allegedly working for the Chinese government to breach companies in an attempt to steal copyright and confidential information and then share that information with Chinese companies.
The Biden government is under pressure to control ransomware attacks.
Most of the most productive ransomware operators are believed to be operating in and around Russia, prompting President Joe Biden to say the United States will take immediate action against the criminals if Russian President Vladimir Putin does not intervene.
The Microsoft Exchange breach led to a high-profile espionage campaign that quickly turned into several ransomware attacks. Hackers who first began exploiting vulnerabilities appeared to act like most government criminals, spying on government and corporate targets.
State-funded hacker groups usually keep discovering key software vulnerabilities for themselves, but other groups, including criminals, have begun to exploit the flaw, leading to speculation that it has been made public. It was not clear how many organizations were targeted or whether any of the attacks were successful. However, there have been many attacks against the US.