The U.S. and an “unprecedented group of allies” blamed China on Monday for the massive Microsoft [MSFT] Exchange Server hack as well as an ongoing pattern of malicious cyber efforts that have targeted a broad array of U.S. groups, including the defense industrial base.
While the announcement was not accompanied with sanctions against Beijing, the Department of Justice did detail criminal charges against four Chinese hackers that were contracted to carry out cyber attacks against foreign entities and U.S. companies in the maritime, aviation and defense sectors, among others.
“Today, the United States and our allies and partners are exposing further details of [China’s] pattern of malicious cyber activity and taking further action to counter it, as it poses a major threat to U.S. and allies’ economic and national security,” the White House said in a statement.
The group of allies joining the U.S. in condemning China’s alleged malicious activities include the European Union, the U.K., Australia, Canada, New Zealand, Japan, and, for the first time, NATO.
“We stand in solidarity with all those who have been affected by recent malicious cyber activities including the Microsoft Exchange Server compromise. Such malicious cyber activities undermine security, confidence and stability in cyberspace,” NATO wrote in a statement. “We also reiterate our willingness to maintain a constructive dialogue with China based on our interests, on areas of relevance to the Alliance such as cyber threats, and on common challenges.”
The National Security Agency, the Cyber Security and Infrastructure Security Agency and the FBI released a joint advisory Monday alleging that China’s state-sponsored malicious cyber campaign has included specifically targeting the defense industrial base, semiconductor companies and managed service providers.
“Chinese state-sponsored cyber actors aggressively target U.S. and allied political, economic, military, educational, and critical infrastructure personnel and organizations to steal sensitive data, critical and emerging key technologies, intellectual property, and personally identifiable information,” the agencies wrote in their advisory.
The White House on Monday responded to questions on why China received no sanctions for its cyber activities while the U.S. levied sanctions against six Russian companies in April after attributing the SolarWinds hack to Moscow (Defense Daily, April 15).
“We are actually elevating and taking steps to not only speak out publicly but certainly take action as it relates to problematic cyber activities from China, in a different way, but as we have for Russia as well,” Jen Psaki, the White House press secretary, said during a briefing Monday, citing the significance of having the large number of international partners join in condemning Beijing.
President Biden also told reporters he is set to receive a detailed report on China’s malicious cyber activities on Tuesday morning, adding the investigations are not finished.
A senior administration official also told reporters that further actions to hold China accountable could be possible as investigations move forward.
“We’ve raised our concerns about both the Microsoft incident and the [China’s] broader malicious cyber activity with senior [People’s Republic of China] (PRC) government officials, making clear that the PRC’s actions threaten security, confidence, and stability in cyberspace. The U.S. and our allies and partners are not ruling out further actions to hold the PRC accountable,” the official said.