Biden Goes After Chinese & Russian Cyber Attackers

After confronting Russian President Putin on cyber security at their summit last month, US President Biden is rallying allies to accuse China of sponsoring cyber criminal activity around the world. 

The White House is publicly blaming China for an attack on Microsoft's Exchange email server software that compromised tens of thousands of computers worldwide, allowing hackers to gain access to troves of sensitive data. The US has restricted trade with four Russian IT firms as well as two other entities over “aggressive and harmful” activities.  By joining the Department's blacklist, US companies will no longer be able to sell to them without a license.

A Biden administration official has said that China's Ministry of State Security employed criminal contract hackers "to conduct unsanctioned cyber operations globally, including for their own personal profit." Although the US says criminal gangs of hackers with links to Russian intelligence carried out such audacious ransomware attacks as the one that caused Colonial Pipeline, a major US petroleum distribution network, to shut down temporarily, China's outright hiring of contract hackers is "distinct... The United States has long been concerned about the People's Republic of China's irresponsible and destabilising behavior in cyberspace."

Such hacks pose a serious economic and national security threat to the US and its allies, the official said.

Russia

The Russian organisations added to the US blacklist are Aktsionernoe Obshchaestvo AST, Aktsionernoe Obshchestvo Pasit; Aktsionernoe Obshchestvo Pozitiv Teknolodzhiz, also known as JSC Positive Technologies, Federal State Autonomous Institution Military Innovative Technopolis Era, Federal State Autonomous Scientific Establishment Scientific Research Institute Specialized Security Computing Devices and Automation (SVA), and Obshchestvo S Ogranichennoi Otvetstvennostyu Neobit.

The US believes that Era is operated by the Russian Ministry of Defense, Pasit is an IT company that supports Russia’s Foreign Intelligence Service’s malicious cyber operations, SVA is a Russian state-owned organisation that also supports malicious cyber operations, and Russia-based IT security firms Neobit, AST, and Positive Technologies have the Russian government as one of their clients.

China

US officials have also announced new measures aimed at exposing and disrupting China’s government-sponsored cyber criminal activities. Furthermore, key NATO and other allies are expected to reveal new information about the methods used in the wave of large-scale cyber attacks that have affected thousands of government and private networks in the United States, and how to protect against them.

These actions are a direct result of President Joe Biden's recent foreign trip to meet with G7 and NATO leaders and may be the first step in a new multilateral coalition of allies that could eventually impose economic penalties on the Chinese government, similar to those that some Western states have placed on Russia. 

 A senior official said that the United States had convinced allies to name China’s Ministry of State Security as a key player in various criminal cyber activities, although he official gave no indication when economic penalties would be introduced. 

The White House has published an alert co-authored by the National Security Agency, Cybersecurity Infrastructure & Security Agency, and the FBI detailing 50 ways that criminal actors, allegedly sponsored by the Chinese government, attack Western networks, and how to defend against them. “Chinese state-sponsored cyber actors aggressively target US and allied political, economic, military, educational, and critical infrastructure, personnel and organizations to steal sensitive data, critical and emerging key technologies, intellectual property, and personally identifiable information,” the alert fact sheet says.

Regarding one of those targets, the senior official said, “The United States government, alongside our allies and partners, will formally attribute the malicious cyber campaign using the zero-day vulnerabilities in the Microsoft Exchange Server disclosed in March.”

The official also said that the United States and key allies were now ready to name China as a supporter of the same sort of cyber criminal sponsorship of which the United States and others have accused Russia. That could lay the groundwork for the United States to press allies such as Britain and the European Union to place new sanctions on China for its sponsorship of such activities. 

US-CERT:       DefenseOne:      NPR:      Newsweek:        ITPro:    

You Might Also Read: 

Data Privacy Is Key To The Technology Battle With China:

 

 

« Royal Cyber Security Significantly Increased
Was There A Russian Plot To Put Trump In The White House? »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Cambray Solutions

Cambray Solutions

Cambray Solutions specializes in locating and securing technical professionals, managers, and executives.

Security Magazine

Security Magazine

Security, the business magazine for security executives, focuses on management issues facing top security professionals and effective solutions being employed, both physical and cyber.

DataVantage

DataVantage

DataVantage data masking and data management software helps you prevent data breaches, pass compliance audits and meet regulatory requirements such as HIPAA and PCI DSS.

Leviathan Security Group

Leviathan Security Group

Leviathan provides a broad set of information security services ranging from low-level technical engineering to strategic business consulting.

Telecom Information Sharing and Analysis Center Japan (T-ISAC Japan)

Telecom Information Sharing and Analysis Center Japan (T-ISAC Japan)

T-ISAC Japan coordinates information sharing and activities related to ISP/telecommunications network security in Japan.

Cyber Defense Initiative Conference (CDIC)

Cyber Defense Initiative Conference (CDIC)

Cyber Defense Initiative Conference (CDIC) is one of the most distinguished Cybersecurity, Privacy and Information Security Conference in Thailand and Southeast Asia.

PRESENSE Technologies

PRESENSE Technologies

PRESENSE Technologies specializes in monitoring and enforcing IT security policies at critical points in the network and on end systems.

Matias Consulting Group (MCG)

Matias Consulting Group (MCG)

Your Business needs competitive and resilient ICT solutions. MCG defines, deploy & support them enabling you to focus on your core business.

Synelixis Solutions

Synelixis Solutions

Synelixis Solutions is a high-tech company founded to provide complete telecommunications, networking, security, control and automation solutions.

SkillCube

SkillCube

SkillCube is one of the pioneers in India focusing on Cyber Security Skill Development Solutions.

ePlus

ePlus

ePlus designs and delivers effective, integrated cybersecurity programs centered on culture and technology, aimed at mitigating business risk and empowering digital transformation.

Cyrebro

Cyrebro

CYREBRO is your online cybersecurity central command managed SOC that integrates all your security events with strategic monitoring, proactive threat intelligence, and rapid incident response.

Advantio

Advantio

Advantio offers a unique combination of technologies and managed, advisory and testing services to increase your cyber resilience and compliance.

NXM Labs

NXM Labs

NXM is a leader in a leader in advanced cybersecurity software for connected devices.

When Group

When Group

World Health Energy Holdings, Inc. (d/b/a WHEN Group) is a High Tech Holding Company that specializes in the Cyber, Security and Telecom area.

Utilize

Utilize

Utilize is an award-winning technology company with over 25 years of industry expertise, we support hundreds of businesses across London and the South East.