US and allies accuse China of global hacking campaign

Hacker on a computer with a Chinese flag in the background
(Image credit: Shutterstock)

The United States and a coalition of allies accused China on Monday of employing “criminal contract hackers” for a global hacking campaign — specifically in a massive Microsoft Exchange Server attack earlier this year.

NATO, the European Union, Britain, Australia, Canada, Japan and New Zealand join the US in making these allegations, according to Reuters and The Associated Press.

“The United States and countries around the world are holding the People’s Republic of China accountable for its pattern of irresponsible, disruptive, and destabilizing behavior in cyberspace, which poses a major threat to our economic and national security,” US Secretary of State Anthony Blinken said Monday.

According to estimates, the Microsoft Exchange Server hack, which was disclosed in March, has affected more than a quarter of a million servers worldwide. The attack on Microsoft’s popular email service was found to have been led by state-backed hackers, specifically the Chinese-based Hafnium and at least 10 other hacking groups.

The UK government also pointed fingers at China in that attack, formally accusing the Chinese Ministry of State Security on Monday of being behind it.

Also on Monday, the US Justice Department announced charges against four Chinese nationals — three security officials and one contract hacker — who are accused in a global hacking campaign targeting dozens of companies, universities, and government agencies in the US and abroad.

The attacks, which occurred between 2011 and 2018, targeted business trade secrets that would significantly benefit Chinese corporations in the aviation, defense, education, government, health care, biopharmaceutical, and maritime industries, according to the Justice Department.

The defendants and officials in the Hainan State Security Department, a regional security office, used a front company to hide the Chinese government’s role in the operation, according to a federal indictment.

Although Monday’s announcements included no sanctions, Biden administration officials say US concerns about Chinese cyber activities have been raised with senior Chinese leaders. “We’re not ruling out further action to hold the PRC accountable,” one official said.

In any case, Monday’s announcements were intended as a forceful condemnation of what the Biden administration describes as part of a pattern of irresponsible behavior in cyber space.