Biden Goes After Chinese & Russian Cyber Attackers

After confronting Russian President Putin on cyber security at their summit last month, US President Biden is rallying allies to accuse China of sponsoring cyber criminal activity around the world. 

The White House is publicly blaming China for an attack on Microsoft's Exchange email server software that compromised tens of thousands of computers worldwide, allowing hackers to gain access to troves of sensitive data. The US has restricted trade with four Russian IT firms as well as two other entities over “aggressive and harmful” activities.  By joining the Department's blacklist, US companies will no longer be able to sell to them without a license.

A Biden administration official has said that China's Ministry of State Security employed criminal contract hackers "to conduct unsanctioned cyber operations globally, including for their own personal profit." Although the US says criminal gangs of hackers with links to Russian intelligence carried out such audacious ransomware attacks as the one that caused Colonial Pipeline, a major US petroleum distribution network, to shut down temporarily, China's outright hiring of contract hackers is "distinct... The United States has long been concerned about the People's Republic of China's irresponsible and destabilising behavior in cyberspace."

Such hacks pose a serious economic and national security threat to the US and its allies, the official said.

Russia

The Russian organisations added to the US blacklist are Aktsionernoe Obshchaestvo AST, Aktsionernoe Obshchestvo Pasit; Aktsionernoe Obshchestvo Pozitiv Teknolodzhiz, also known as JSC Positive Technologies, Federal State Autonomous Institution Military Innovative Technopolis Era, Federal State Autonomous Scientific Establishment Scientific Research Institute Specialized Security Computing Devices and Automation (SVA), and Obshchestvo S Ogranichennoi Otvetstvennostyu Neobit.

The US believes that Era is operated by the Russian Ministry of Defense, Pasit is an IT company that supports Russia’s Foreign Intelligence Service’s malicious cyber operations, SVA is a Russian state-owned organisation that also supports malicious cyber operations, and Russia-based IT security firms Neobit, AST, and Positive Technologies have the Russian government as one of their clients.

China

US officials have also announced new measures aimed at exposing and disrupting China’s government-sponsored cyber criminal activities. Furthermore, key NATO and other allies are expected to reveal new information about the methods used in the wave of large-scale cyber attacks that have affected thousands of government and private networks in the United States, and how to protect against them.

These actions are a direct result of President Joe Biden's recent foreign trip to meet with G7 and NATO leaders and may be the first step in a new multilateral coalition of allies that could eventually impose economic penalties on the Chinese government, similar to those that some Western states have placed on Russia. 

 A senior official said that the United States had convinced allies to name China’s Ministry of State Security as a key player in various criminal cyber activities, although he official gave no indication when economic penalties would be introduced. 

The White House has published an alert co-authored by the National Security Agency, Cybersecurity Infrastructure & Security Agency, and the FBI detailing 50 ways that criminal actors, allegedly sponsored by the Chinese government, attack Western networks, and how to defend against them. “Chinese state-sponsored cyber actors aggressively target US and allied political, economic, military, educational, and critical infrastructure, personnel and organizations to steal sensitive data, critical and emerging key technologies, intellectual property, and personally identifiable information,” the alert fact sheet says.

Regarding one of those targets, the senior official said, “The United States government, alongside our allies and partners, will formally attribute the malicious cyber campaign using the zero-day vulnerabilities in the Microsoft Exchange Server disclosed in March.”

The official also said that the United States and key allies were now ready to name China as a supporter of the same sort of cyber criminal sponsorship of which the United States and others have accused Russia. That could lay the groundwork for the United States to press allies such as Britain and the European Union to place new sanctions on China for its sponsorship of such activities. 

US-CERT:       DefenseOne:      NPR:      Newsweek:        ITPro:    

You Might Also Read: 

Data Privacy Is Key To The Technology Battle With China:

 

 

« Royal Cyber Security Significantly Increased
Was There A Russian Plot To Put Trump In The White House? »

Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cylance Smart Antivirus

Cylance Smart Antivirus

An antivirus that works smarter, not harder, from BlackBerry. Lightweight, non-intrusive protection powered by artificial intelligence. BUY NOW - LIMITED DISCOUNT OFFER.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Free Access: Cyber Security Supplier Directory listing 5,000+ specialist service providers.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

AWS Marketplace eBook: Optimizing your cloud deployments to accelerate cloud activities, reduce costs, and improve customer experience.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LogPoint

LogPoint

LogPoint offers a full enterprise SIEM (Security Information & Event Management) solution to defend against cybercrime and fraud.

NetMotion Software

NetMotion Software

NetMotion Software specializes in mobile performance management solutions to manage, secure and support the mobile enterprise.

totemo

totemo

totemo provides security solutions for email encryption, secure managed file transfer and secure mobile communication.

Cyber Army Indonesia (CyberArmyID)

Cyber Army Indonesia (CyberArmyID)

Cyber Army Indonesia (CyberArmyID) is the first platform in Indonesia to collect and validate reports from hackers (referred to as Bug Hunter) regarding vulnerabilities that exist in an organization.

Lineal Services

Lineal Services

Lineal supports clients in meeting their digital forensics, cyber security and eDiscovery needs by providing bespoke solutions to complex problems.

VIQU Recruitment

VIQU Recruitment

VIQU Recruitment was formed with the primary focus of providing 'Smarter People Solutions' to the UK’s professional IT & Cyber Security markets.

Perspecta

Perspecta

Perspecta security solutions predict attacks, proactively respond to threats, ensure compliance and protect data, applications, infrastructure and endpoints.

Kintent

Kintent

With Kintent, compliance becomes a habit, is simple to understand and achieve, and is continuously testable so that your customers can see that you are adhering to all your trust obligations.