Staff Writer
Australia has joined a group of allies and partners to call out malicious cyber activities by China’s Ministry of State Security (MSS). China has responded by calling the accusations “slander” and a “huge lie”, threatening retaliation if punitive measures are enforced.
On Monday, Australia joined forces with the United States, the European Union, NATO, Canada, Japan, and New Zealand to condemn MSS cyber activities.
“The Australian Government joins international partners in expressing serious concerns about malicious cyber activities by China’s Ministry of State Security,” said Australia’s Minister for Foreign Affairs, Senator Marise Payne.
Simultaneously, the White House was briefing journalists in a coordinated strike against China. In addition to naming and shaming China, a White House senior administration figure said the coalition would show how the MSS uses criminal contract hackers to conduct unsanctioned cyber activities around the world. These hackers conduct cyber-enabled extortion, crypto-jacking, and theft for personal profit.
Also exposed are some 50 tactics, techniques and procedures MSS sponsored hackers used when targeting US and allied networks.
Finally, the coalition formally attributed the cyber campaign using zero-day vulnerabilities in the Microsoft Exchange Server in March to MSS affiliated hackers.
“The Australian Government has determined that China’s Ministry of State Security exploited vulnerabilities in the Microsoft Exchange software to affect thousands of computers and networks worldwide, including in Australia,” says Senator Payne.
“My understanding is that the Chinese Government, not unlike the Russian Government, is not doing this themselves, but are protecting those who are doing it,” said US President Jo Biden.
On the same day, the US Department of Justice announced criminal charges against four MSS hackers, include three state security officers.
“Pretty much the world has come out and pointed the finger at China,” says Alastair MacGibbon, Chief Strategy Officer at Cyber CX and former Australian National Cyber Security Advisor.
MacGibbon differentiates between China using contractors to carry out legitimate state-based espionage activity and contractors conducting operations for personal gain. He suggests the hackers blur the line and doing both with the MSS approval.
“It’s China working now with criminals to carry out not just activities for the Chinese state, but for the criminal’s own ends.
“There has to be a significant body of evidence for countries to come out and point the finger at another country,” MacGibbon says.
“The PRC’s Ministry of State Security has fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain,” said US Secretary of State Antony Blinken.
Chinese state media outlet The Global Times rebutted the allegations on Tuesday, condemning the naming and shaming.
“The Western world is unfamiliar with China’s system, and cyberattacks are difficult to trace. Washington is exploiting them to frame China,” the editorial said.
“The US cannot exploit these smears to substantively attack China. If the US takes aggressive measures, carries out national-level cyberattacks on China, or imposes so-called sanctions on China, we will retaliate.”
Further reading: China attributed by US Allies for Microsoft Exchange attack