Microsoft hack allegation just a smear, China says
China rejected accusations by the US, Britain and their allies that people linked to the Asian nation’s government were behind the Microsoft Exchange hack and other “malicious cyber activities.
“The US ganged up with its allies and launched an unwarranted accusation against China on cybersecurity,” foreign ministry spokesperson Zhao Lijian said on Tuesday at a regular briefing in Beijing.
“It is purely a smear and suppression out of political motives. China will never accept this.”
Zhao added that the details released by the US “do not constitute a complete chain of evidence. In fact, the US is the largest source of cyberattacks in the world.”
THE DETAILS DO NOT CONSTITUTE A COMPLETE CHAIN OF EVIDENCE. IN FACT, THE US IS THE LARGEST SOURCE OF CYBERATTACKS
The group of nations said the Chinese government was the mastermind behind a series of malicious ransomware, data theft and cyber-espionage attacks on public and private entities, including the Microsoft Exchange hack earlier this year.
The accusations added to tensions between China and the US over issues from policies in the western region of Xinjiang and Hong Kong to the origins of the coronavirus. The Biden administration warned investors last week about the risks of doing business in the Asian financial hub, issuing an advisory that China’s push to exert more control over the city threatens the rule of law and endangers employees and data.
“The Chinese government must end this systematic cybersabotage and can expect to be held to account if it does not,” UK foreign secretary Dominic Raab said in a statement.
US President Joe Biden told reporters at the White House on Monday that the investigation was not finished, but that the Chinese government bears responsibility. His administration said that it was joining European nations to expose the scale of China’s activity and would take steps to counter it.
The group of nations attributing the attack to China includes Australia, Canada, New Zealand, Japan and Nato, marking the first condemnation by the North American-European alliance on China’s cyber-activities, according to a senior Biden administration official.
“Under US encouragement, Nato has made cyberspace a new battlefield,” Zhao said.
“The introduction of the military alliance into cyberspace, not only does little to achieve one’s own security, but may instead provoke a cyber arms race and enhance the risk of friction and disputes in cyberspace, and may undermine international peace and security.”
As part of the announcement, the US National Security Agency, the Cybersecurity and Infrastructure Security Agency and the FBI gave details of more than 50 tactics Chinese statesponsored cyberhackers used when targeting US and allied networks, including spearphishing e-mails with malicious attachments, exploitation of public-facing applications and drive-by compromise.
Microsoft welcomed the global effort to attribute the attacks and called for future accountability.
The company has attributed the hack to cyber-espionage group Hafnium, which allegedly has ties to the Chinese government. The US assessment appears to support Microsoft’s conclusions, attributing the hack to people affiliated with the ministry of state security with “a high degree of confidence”.
The attack on Microsoft’s Exchange e-mail servers occurred over two weeks between late February and early March. Microsoft first released software patches on March 2 to fix the critical vulnerabilities exploited. The attack exposed tens of thousands of victim e-mail systems, including those of health-care facilities, manufacturers, energy companies, and state and local governments.
Zhao Lijian China foreign ministry spokesperson