On July 19, a bold coalition of countries disclosed details regarding China’s alleged global cyberespionage campaign. The United States, the European Union, NATO, Britain, Norway, Japan, Australia, Canada, and New Zealand publicly condemned and denounced Beijing for its hacking and spying over the last ten years.
According to the U.S. Secretary of State Antony Blinken, the cyber operations conducted by the Chinese government are a part of a “pattern of irresponsible, disruptive and destabilizing behavior in cyberspace, which poses a major threat to our economic and national security.” The Ministry of State Security (MSS), run by the Chinese Communist Party (CCP), created a community of hackers to conduct “state-sponsored activities and cybercrimes for their own financial gain.” Contract hackers were hired to conduct operations not only on Chinese soil for their own personal, criminal purposes but also on behalf of the government, according to U.S. cyber officials. The Chinese government allowed ransomware attacks, cryptocurrency mining, and financial theft on networks across the globe to be conducted in its country.
Who’s To Blame?
President Biden told reporters that “the Chinese government, not unlike the Russian government, are not doing this themselves, but are protecting those who are doing it.” The president’s statement contradicts what the DOJ, State Department, and security officials who have stated that the nation-state is very much involved and at least partially to blame for these attacks. When questioned, White House Press Secretary Jen Psaki told reporters Biden takes the situation very seriously, and it was not his intention to project the message that he did not want to directly blame the Chinese government.
Britain and Canada directly hold the MSS responsible for the campaign. NATO, on the other hand, took a softer approach in simply “acknowledging” the allegations. The EU played a similar hand, simply urging China to rein in the malicious activities being organized and conducted from their territory. In a recent statement, EU foreign policy chief Josep Borrell said the hacking was “conducted from the territory of China for the purpose of intellectual property theft and espionage.” He did not directly mention contributions from the CCP or MSS.
Pressure For Biden to Act – Will He?
The Department of Justice has charged three Chinese security officials and one contract hacker for working with the MSS and hacking dozens of computer networks and systems at companies, universities, and government entities between 2011 to 2018. The decade-long campaign, which is undoubtedly ongoing, targeted trade secrets and innovation in the biopharmaceutical, maritime, government, health care, education, aviation, and defense industries, according to a recently released justice department statement. A slew of cyberattacks has hit the United States in the private and public sectors in the last year. Most of them have involved Russian criminal gangs apparently with some ties to Russian intelligence agencies. In response, the Biden administration retaliated with economic sanctions.
In a press conference following the release of information on the cyber campaign, Jen Psaki was asked why the administration was not imposing sanctions on China as it has with Russia. Psaki responded with, “we are actually elevating and taking steps to not only speak out publicly but certainly take action as it related to problematic cyber activities from China – in a different way – but as we have from Russia as well. We are not differentiating.”
The United States economy relies heavily on Chinese imports, however the press secretary denied any hesitancy on that account. She insisted the administration would not allow any “economic circumstance or consideration to prevent us from taking actions where warranted.”
The Culprit for the Microsoft Hack
More specifically, the Biden administration and its allies blamed China for hacking the Microsoft Exchange email server software that occurred in early January. According to the U.K. Foreign Secretary Dominic Raab, the attack was carried out by Chinese state-backed groups. Tens of thousands of computers across the globe were overtaken by cyberspies. Initially, Microsoft blamed China, but it was not until now that the government has been able to determine the MSS’ involvement. The discovery of new ransomware, hacking code, and tactics provided the pieces to the puzzle.
A former chief technology officer from Crowdstrike, a well-known cybersecurity firm, commented on the recent developments, saying he is “puzzled” over why the U.S. did not impose sanctions initially as China “certainly deserves it” and in not doing so, the U.S. has become “a glaring standout.”
What is Next?
It is one thing to recognize illicit behavior; it is another thing to punish it. Can we expect the Chinese Ministry of State Security to cut ties with its contract hackers or halt cyber operations? Probably not without the U.S. and its allies imposing sanctions or threatening consequences. Such sanctions would have repercussions for the United States economy, but the Biden administration, along with other allied governments, has big, strategic decisions to make.