Global coalition calls on China to curtail its cyber activities. For the first time, the US blames China directly for ransomware attacks.
Following a push by the White House to address the ransomware crisis emanating from Russia and the imposition of sanctions on Russia for its spree of malicious cyber actions, the Biden administration has launched a multi-part strategy to shame another digital security adversary, China, into halting its digital malfeasance.
First, the administration formally accused China of breaching Microsoft’s Exchange email servers to implant what most experts consider reckless and damaging surveillance malware. Although Microsoft has long attributed that incident to a Chinese hacking group it calls HAFNIUM, the White House has now finally and officially acknowledged China’s role in that supply chain attack.
In a statement, the White House said it is attributing “with a high degree of confidence that malicious cyber actors affiliated with PRC’s MSS conducted cyber-espionage operations utilizing the zero-day vulnerabilities in Microsoft Exchange Server disclosed in early March 2021.”
Secretary of State Anthony Blinken said in a statement that “the United States government, alongside our allies and partners, has formally confirmed that cyber actors affiliated with the MSS exploited vulnerabilities in Microsoft Exchange Server in a massive cyber-espionage operation that indiscriminately compromised thousands of computers and networks, mostly belonging to private sector victims.”
This article appeared in CSO Online. To read the rest of the article please visit here.