U.S. and allies accuse China of ‘malicious cyber activity,’ including Microsoft Exchange hack

Foreign Affairs

The U.S. and its closest allies pinned blame on China for the Microsoft Exchange hack that affected thousands of companies earlier this year. NATO and the EU joined in the criticism of “malicious cyber activity,” but were less direct in blaming Beijing.

little people figures running out of a laptop
Illustration by Derek Zheng

The U.S. and a large group of allies — Australia, Britain, Canada, New Zealand, Japan, NATO, and the European Union — today issued a coordinated warning to China about “malicious cyber activities.”

  • Some countries blamed China for the Microsoft Exchange hack, reported four months ago, that affected thousands of companies. The White House said it had a “high degree of confidence” that China’s Ministry of State Security (MSS) was connected to the hack, a finding echoed in statements by “five eyes” allies Australia, Britain, Canada, and even New Zealand, which is usually the most reluctant to directly confront Beijing. Japan said it “strongly supports” these statements.
  • NATO made a more general statement condemning “malicious cyber activity,” and merely added that its 30 member nations “acknowledge” the statements by allies that attributed blame for the Microsoft hack. NATO called on “all States, including China, to…act responsibly in the international system, including in cyberspace.”
  • The EU warned of hacking “conducted from the territory of China,” but did not directly blame the MSS for the Microsoft hack.

The U.S. took several other actions to criticize China and build cybersecurity awareness among domestic companies, but stopped short of issuing sanctions like those placed on Russia after the much larger SolarWinds hack.

  • Four Chinese nationals were indicted by the U.S. Justice Department for allegedly working with the MSS to steal intellectual property from dozens of organizations between 2011 and 2018.
  • That indictment also “alleges that the Chinese government has done little to uphold a 2015 accord between China and the Obama Administration not to direct or support cyberattacks that steal corporate records for economic benefit,” the Wall Street Journal reports. Specifically, the Justice Department alleges that Chinese hackers installed malware on American computers within a month of that agreement.
  • A cybersecurity advisory, with details on over 50 techniques used by hackers linked to the Chinese government, was jointly published by several U.S. federal agencies.
  • Secretary of State Antony Blinken talked tough in a press release, accusing the MSS of having “fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain,” and vowing to work with partners and allies to “oppose digital authoritarianism.”

See also: