Biden Goes After Chinese & Russian Cyber Attackers

After confronting Russian President Putin on cyber security at their summit last month, US President Biden is rallying allies to accuse China of sponsoring cyber criminal activity around the world. 

The White House is publicly blaming China for an attack on Microsoft's Exchange email server software that compromised tens of thousands of computers worldwide, allowing hackers to gain access to troves of sensitive data. The US has restricted trade with four Russian IT firms as well as two other entities over “aggressive and harmful” activities.  By joining the Department's blacklist, US companies will no longer be able to sell to them without a license.

A Biden administration official has said that China's Ministry of State Security employed criminal contract hackers "to conduct unsanctioned cyber operations globally, including for their own personal profit." Although the US says criminal gangs of hackers with links to Russian intelligence carried out such audacious ransomware attacks as the one that caused Colonial Pipeline, a major US petroleum distribution network, to shut down temporarily, China's outright hiring of contract hackers is "distinct... The United States has long been concerned about the People's Republic of China's irresponsible and destabilising behavior in cyberspace."

Such hacks pose a serious economic and national security threat to the US and its allies, the official said.

Russia

The Russian organisations added to the US blacklist are Aktsionernoe Obshchaestvo AST, Aktsionernoe Obshchestvo Pasit; Aktsionernoe Obshchestvo Pozitiv Teknolodzhiz, also known as JSC Positive Technologies, Federal State Autonomous Institution Military Innovative Technopolis Era, Federal State Autonomous Scientific Establishment Scientific Research Institute Specialized Security Computing Devices and Automation (SVA), and Obshchestvo S Ogranichennoi Otvetstvennostyu Neobit.

The US believes that Era is operated by the Russian Ministry of Defense, Pasit is an IT company that supports Russia’s Foreign Intelligence Service’s malicious cyber operations, SVA is a Russian state-owned organisation that also supports malicious cyber operations, and Russia-based IT security firms Neobit, AST, and Positive Technologies have the Russian government as one of their clients.

China

US officials have also announced new measures aimed at exposing and disrupting China’s government-sponsored cyber criminal activities. Furthermore, key NATO and other allies are expected to reveal new information about the methods used in the wave of large-scale cyber attacks that have affected thousands of government and private networks in the United States, and how to protect against them.

These actions are a direct result of President Joe Biden's recent foreign trip to meet with G7 and NATO leaders and may be the first step in a new multilateral coalition of allies that could eventually impose economic penalties on the Chinese government, similar to those that some Western states have placed on Russia. 

 A senior official said that the United States had convinced allies to name China’s Ministry of State Security as a key player in various criminal cyber activities, although he official gave no indication when economic penalties would be introduced. 

The White House has published an alert co-authored by the National Security Agency, Cybersecurity Infrastructure & Security Agency, and the FBI detailing 50 ways that criminal actors, allegedly sponsored by the Chinese government, attack Western networks, and how to defend against them. “Chinese state-sponsored cyber actors aggressively target US and allied political, economic, military, educational, and critical infrastructure, personnel and organizations to steal sensitive data, critical and emerging key technologies, intellectual property, and personally identifiable information,” the alert fact sheet says.

Regarding one of those targets, the senior official said, “The United States government, alongside our allies and partners, will formally attribute the malicious cyber campaign using the zero-day vulnerabilities in the Microsoft Exchange Server disclosed in March.”

The official also said that the United States and key allies were now ready to name China as a supporter of the same sort of cyber criminal sponsorship of which the United States and others have accused Russia. That could lay the groundwork for the United States to press allies such as Britain and the European Union to place new sanctions on China for its sponsorship of such activities. 

US-CERT:       DefenseOne:      NPR:      Newsweek:        ITPro:    

You Might Also Read: 

Data Privacy Is Key To The Technology Battle With China:

 

 

« Royal Cyber Security Significantly Increased
Was There A Russian Plot To Put Trump In The White House? »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

eSentire

eSentire

eSentire is the authority in Managed Detection and Response Services, protecting the critical data and applications of organizations from known and unknown cyber threats.

CrowdStrike

CrowdStrike

CrowdStrike is a global provider of security technology and services focused on identifying advanced threats and targeted attacks.

eScan AV

eScan AV

eScan develops Information Security solutions that provide protection against current and evolving cyber threats.

We Watch Your Website

We Watch Your Website

We Watch Your Website provide website monitoring, protection, malware removal and root cause analysis services to help you keep your website secure.

Oodrive

Oodrive

Oodrive is the first trusted European collaborative suite allowing users to collaborate, communicate and streamline business with transparent tools that ensure security.

DomainTools

DomainTools

DomainTools is the global leader for internet intelligence and the first place security practitioners go when they need to know.

Rogers Cybersecure Catalyst

Rogers Cybersecure Catalyst

Rogers Cybersecure Catalyst helps Canadians and Canadian companies seize the opportunities and tackle the challenges of cybersecurity.

MOXFIVE

MOXFIVE

MOXFIVE is a specialized technical advisory firm founded to bring clarity to the complexity of cyber attacks.

Cybersecurity Center for Secure Evolvable Energy Delivery Systems (SEEDS)

Cybersecurity Center for Secure Evolvable Energy Delivery Systems (SEEDS)

SEEDS conducts research and develops innovative cybersecurity technologies, tools, and methodologies that advance the energy sector’s ability to survive cyber incidents.

SecureStream Technologies

SecureStream Technologies

SecureStream Technologies have built the IoT SafetyNet - the Network Security Analytics platform to Eliminate Security Threats, Guarantee Privacy, Ensure Compliance, Simply & Easily.

PacketViper

PacketViper

PacketViper’s Deception360 actively defends networks with deception-based threat detection and automated response to both external and internal cyber threats.

SYN Ventures

SYN Ventures

SYN Ventures invests in disruptive, transformational solutions that reduce technology risk.

Acronis

Acronis

At Acronis, we protect the data, applications, systems and productivity of every organization – safeguarding them against cyberattacks, hardware failures, natural disasters and human errors.

CyXcel

CyXcel

CyXcel is a cyber security consulting business grounded in the law which natively fuses crises, legal, technical, and consulting expertise digital networks, information and operational technology.

ACDS (Advanced Cyber Defence Systems)

ACDS (Advanced Cyber Defence Systems)

ACDS was founded in the belief that cyber security can be done better. We’re combining emerging technologies and proven methods to bring a new approach to tackling the growing threat landscape.

Anthropic

Anthropic

Anthropic is a Public Benefit Corporation, whose purpose is the responsible development and maintenance of advanced AI for the long-term benefit of humanity.