The United States and its allies accused China of carrying out a massive cyber attack on tech giant Microsoft’s Exchange mail server software earlier this year. Along with the charges, the US Department of Justice even indicted four Chinese nationals in connection with the hacking. Although Chinese officials have denounced the accusation, the open allegations present a different tactic than the United States in terms of combating cyber attacks against its businesses and soil. Here’s a look at how the story unfolded.
What were the hacks?
In March, Microsoft Exchange email services were compromised by Chinese hackers through four zero-day exploits. Zero-day exploits are vulnerabilities in a system that leave a business with little or no time to react and fix vulnerabilities when they are hacked. The exploits allowed hackers to take control of computers owned by thousands of companies around the world. Even though Microsoft released an update to deal with the exploits, hackers continued to take control of more devices. Usernames and passwords, confidential information, intellectual property, private communications and other data that could be used for blackmail and extortion were threatened. The attack, orchestrated by the Hafnium group, allegedly associated with the Chinese government, was so widespread that the Federal Bureau of Investigation (FBI) had to step in and remove the malware from thousands of devices in an unprecedented move.
What does this mean for Sino-US relations?
While the United States and its allies have openly accused China of carrying out the attack, no sanctions have followed the allegations. Realizing the scale and source of a cyberattack is no easy task, and countries rarely openly accuse each other of carrying out cyberattacks. The United States, the European Union, Britain, Australia, Canada, New Zealand, Japan and NATO have all decried China’s role in this attack. US Secretary of State Antony Blinken said: “As evidenced by the indictment of three agents of the MSS (Department of State Security) and one of their contracted hackers unveiled by the Department of Justice today (July 19), the United States will impose (Chinese) malicious cyber actors for their irresponsible behavior in cyberspace. “Blinken alleged that the Chinese MSS has fostered an ecosystem of criminal hackers who carry out attacks. state-sponsored activities and cybercrime for their own financial gain. The statements by the United States highlight a growing sense in the country to take more proactive and reactive measures to protect its national interests against cyber attacks sponsored by the United States. State. This year has already seen numerous cyber attacks against American companies, mainly orchestrated by Russian groups, such as the attack on Colonial Pipeline and the attack on against the JBS meat packer.
US-China relations are reaching an all-time low as China seeks to consolidate its place as a global superpower rivaling the existing one that many believe is in decline.
How China pushed back
China has called the claims of the United States and its allies “baseless” and “irresponsible”. The first official statements came from the embassies of Australia and New Zealand, two countries which also jointly accused China and the United States. “Given the virtual nature of cyberspace, clear evidence is required to investigate and identify cyber incidents,” the Chinese embassy in New Zealand said.
(Edited by : Shoma bhattacharjee)