Manawatu Standard

NZ, Western allies blame China for cyber attacks

- Lucy Craymer and Collette Devlin

An unpreceden­ted condemnati­on of China’s involvemen­t in cyber attacks is ramping up tensions between China and the United States and its allies at a time when these are already high.

Late on Monday, New Zealand joined the US and many of its partners, including Canada, Australia, the EU as well as military alliance the North Atlantic Treaty Organisati­on (Nato) in blaming Chinese state-sponsored actors for ‘‘malicious cyber activity’’.

This activity includes a massive Microsoft Exchange hack earlier this year that compromise­d tens of thousands of computers around the world.

‘‘We call for an end to this type of malicious activity, which undermines global stability and security, and we urge China to take appropriat­e action in relation to such activity emanating from its territory’’ said Andrew Little, minister responsibl­e for the Government Communicat­ions Security Bureau (GCSB).

The broad range of cyber threats from Beijing disclosed by internatio­nal bodies on Monday included a ransomware attack from alleged Chinese government­affiliated hackers that targeted victims with demands for millions of dollars. Furthermor­e, the exploitati­on of Microsoft Exchange vulnerabil­ities in New Zealand in early 2021, which GCSB attributed to state-sponsored Chinese actors, left many companies and organisati­ons vulnerable to other attacks.

Cyber attacks are an increasing issue worldwide and analysts say the breadth of them and the damage they cause is getting worse, posing national security risks.

China has long been accused of espionage targeting intellectu­al property, but the recent attacks were more widespread and also of more concern because Microsoft’s vulnerabil­ities were shared,

allowing them to be exploited by other cyber actors.

A spokesman for the Chinese Embassy in New Zealand said the claims were groundless and irresponsi­ble.

‘‘China expresses strong dissatisfa­ction and firm opposition and has already lodged solemn representa­tion with the NZ government,’’ the spokesman said in a statement. ‘‘Given the virtual nature of cyberspace, one must have clear evidence when investigat­ing and identifyin­g cyber-related incidents. Making accusation­s without proof is malicious smear.’’

However, Little said that the GCSB has worked through a robust process to verify China’s involvemen­t and had also confirmed Chinese state-sponsored actors were responsibl­e for the exploitati­on of Microsoft Exchange vulnerabil­ities.

The condemnati­on comes at a time when a new Cold War is brewing between the US and China as concerns are raised about China’s disregard for internatio­nal law in the South China Sea, the crushing of democracy movements in Hong Kong and treatment of the Uyghur population.

US officials alleged that China’s Ministry of State Security had been using criminal contract hackers who engaged in cyberextor­tion schemes and theft for their own profit. The People’s Republic of China (PRC) was also unwilling to address the activity.

The allies were holding China to account for its use of criminal contract hackers to conduct unsanction­ed cyber operations globally, including for their own personal profit, a White House statement said.

‘‘Today, countries around the world are making it clear that concerns regarding the PRC’S malicious cyber activities are bringing them together to call out those activities, promote network defence and cyber security, and act to disrupt threats to our economies and national security.’’

Newspapers in English

Newspapers from New Zealand