The White House, along with other Western allies on Monday, formally accused the Chinese Communist regime of carrying out a massive cyberattack, which included the Microsoft Exchange email server. However, the accusations did not include any formal retaliation for the aberrant acts.
A senior Biden administration official announced in a telephone press conference Sunday night that China’s Ministry of State Security hired a group of hackers to launch cyber operations around the world, which included the controversial hack of Microsoft Exchange revealed in March of this year.
The United States joined the European Union, NATO, the United Kingdom, Australia, Canada, New Zealand and Japan in a joint condemnation of the Chinese Communist Party (CCP), arguing for a united front globally against China’s activities in cyberspace.
“Their operations include criminal activities such as cyber extortion, encryption hijacking and stealing from victims around the world for financial gain,” the Biden official noted, referring to the CCP’s agency.
When the U.S. publicly signals cyberattacks of this type of action by foreign governments or third parties that put national security at risk, it usually announces retaliatory sanctions against those responsible.
However, it was surprising that on this occasion, despite the seriousness of the reported attack, no condemnatory action was reported beyond the message repudiating the facts.
In April, the White House officially blamed the Russian government for the cyber-attack against Solarwinds that compromised the security of multiple U.S. government agencies. At the time, it announced a series of tough economic sanctions against the Russian perpetrators.
Beijing’s wide range of cyber threats revealed included ransomware attacks by CCP–affiliated hackers that have targeted a large number of victims inside and outside the United States with millions of dollars in lawsuits ongoing.
The attack also included businesses, universities and government entities. The defendants are accused of stealing trade secrets and confidential business information.
However, the senior administration official who briefed reporters said the United States has stood up to Chinese officials. The White House believes the multinational public shaming sends an important message, implying that would be enough.
The European Union (EU), issued an official statement on Monday 19 against the CCP, urging its authorities to ”to take action against malicious cyber activities undertaken from its territory.”
“The compromise and exploitation of the Microsoft Exchange server undermined the security and integrity of thousands of computers and networks worldwide, including in the member states and EU institutions. It allowed access to a significant number of hackers that have continued to exploit the compromise to date,” the statement asserts.
Britain also joined in the criticism, when the UK’s National Cyber Security Center announced Monday that the groups were targeting maritime industries and naval defense contractors in the United States and Europe and the Finnish parliament.
Meanwhile, UK Foreign Secretary Dominic Raab said the cyberattack on Microsoft Exchange “by Chinese state-backed groups was a pattern of reckless but habitual behavior.”