Biden Goes After Chinese & Russian Cyber Attackers

After confronting Russian President Putin on cyber security at their summit last month, US President Biden is rallying allies to accuse China of sponsoring cyber criminal activity around the world. 

The White House is publicly blaming China for an attack on Microsoft's Exchange email server software that compromised tens of thousands of computers worldwide, allowing hackers to gain access to troves of sensitive data. The US has restricted trade with four Russian IT firms as well as two other entities over “aggressive and harmful” activities.  By joining the Department's blacklist, US companies will no longer be able to sell to them without a license.

A Biden administration official has said that China's Ministry of State Security employed criminal contract hackers "to conduct unsanctioned cyber operations globally, including for their own personal profit." Although the US says criminal gangs of hackers with links to Russian intelligence carried out such audacious ransomware attacks as the one that caused Colonial Pipeline, a major US petroleum distribution network, to shut down temporarily, China's outright hiring of contract hackers is "distinct... The United States has long been concerned about the People's Republic of China's irresponsible and destabilising behavior in cyberspace."

Such hacks pose a serious economic and national security threat to the US and its allies, the official said.

Russia

The Russian organisations added to the US blacklist are Aktsionernoe Obshchaestvo AST, Aktsionernoe Obshchestvo Pasit; Aktsionernoe Obshchestvo Pozitiv Teknolodzhiz, also known as JSC Positive Technologies, Federal State Autonomous Institution Military Innovative Technopolis Era, Federal State Autonomous Scientific Establishment Scientific Research Institute Specialized Security Computing Devices and Automation (SVA), and Obshchestvo S Ogranichennoi Otvetstvennostyu Neobit.

The US believes that Era is operated by the Russian Ministry of Defense, Pasit is an IT company that supports Russia’s Foreign Intelligence Service’s malicious cyber operations, SVA is a Russian state-owned organisation that also supports malicious cyber operations, and Russia-based IT security firms Neobit, AST, and Positive Technologies have the Russian government as one of their clients.

China

US officials have also announced new measures aimed at exposing and disrupting China’s government-sponsored cyber criminal activities. Furthermore, key NATO and other allies are expected to reveal new information about the methods used in the wave of large-scale cyber attacks that have affected thousands of government and private networks in the United States, and how to protect against them.

These actions are a direct result of President Joe Biden's recent foreign trip to meet with G7 and NATO leaders and may be the first step in a new multilateral coalition of allies that could eventually impose economic penalties on the Chinese government, similar to those that some Western states have placed on Russia. 

 A senior official said that the United States had convinced allies to name China’s Ministry of State Security as a key player in various criminal cyber activities, although he official gave no indication when economic penalties would be introduced. 

The White House has published an alert co-authored by the National Security Agency, Cybersecurity Infrastructure & Security Agency, and the FBI detailing 50 ways that criminal actors, allegedly sponsored by the Chinese government, attack Western networks, and how to defend against them. “Chinese state-sponsored cyber actors aggressively target US and allied political, economic, military, educational, and critical infrastructure, personnel and organizations to steal sensitive data, critical and emerging key technologies, intellectual property, and personally identifiable information,” the alert fact sheet says.

Regarding one of those targets, the senior official said, “The United States government, alongside our allies and partners, will formally attribute the malicious cyber campaign using the zero-day vulnerabilities in the Microsoft Exchange Server disclosed in March.”

The official also said that the United States and key allies were now ready to name China as a supporter of the same sort of cyber criminal sponsorship of which the United States and others have accused Russia. That could lay the groundwork for the United States to press allies such as Britain and the European Union to place new sanctions on China for its sponsorship of such activities. 

US-CERT:       DefenseOne:      NPR:      Newsweek:        ITPro:    

You Might Also Read: 

Data Privacy Is Key To The Technology Battle With China:

 

 

« Royal Cyber Security Significantly Increased
Was There A Russian Plot To Put Trump In The White House? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

X-act Forensics

X-act Forensics

X-act forensics are computer forensic experts with experience in cases of computer fraud, intellectual property theft, and social networking cases.

Korea Information Security Industry Association (KISIA)

Korea Information Security Industry Association (KISIA)

KISIA is a non-profit organization for the information security industry in Korea.

Redspin

Redspin

Redspin provide penetration testing, security assessments and consulting services.

ETAS

ETAS

ETAS (formerly Escrypt) is a pioneer and one of today’s leading solution providers for embedded IT security.

CodeSealer

CodeSealer

CodeSealer provide invisible end-to-end user interface protection with a unique web security solution to eliminate Man-in-the-Middle and Man-in-the-Browser vulnerabilties.

Araxxe

Araxxe

Araxxe delivers Revenue Assurance, End-to-End Billing Verification and Interconnect Fraud Detection solutions to communication companies worldwide.

Simply Hired

Simply Hired

Simply Hired is a job search engine that collects job listings from all over the web, including company career pages, job boards and niche job websites.

Cyway

Cyway

Cyway is a value-added cybersecurity distributor focusing on on-prem, cloud solutions and hybrid solutions, IoT, AI & machine learning IT security technologies.

NetApp Excellerator

NetApp Excellerator

NetApp Excellerator is NetApp’s global start-up program that aims to fuel innovation by partnering with deep-tech start-ups.

Point Predictive

Point Predictive

Point Predictive build Predictive Models using Artificial Intelligence and Machine Learning techniques that help our customers stop fraud and early payment default (EPD).

South East Cyber Resilience Centre (SECRC)

South East Cyber Resilience Centre (SECRC)

The South East Cyber Resilience Centre supports and helps protect SMEs and supply chain businesses and third sector organisations in the region against cyber crime.

Strike Security

Strike Security

Strike Security offers a continuous penetration testing platform that combines automation with ethical hackers.

HackersEra

HackersEra

HackersEra is a leading offensive cybersecurity service provider. We enable our clients to operate in a more secure environment efficiently and produce more value.

Otto

Otto

Stop Client-Side Attacks. Plug otto into your application security suite and protect your supply chain.

Bluefin Payment Systems

Bluefin Payment Systems

Bluefin is the recognized integrated payments leader in encryption and tokenization technologies that protect payments and sensitive data.

Defence Innovation Accelerator for the North Atlantic (DIANA)

Defence Innovation Accelerator for the North Atlantic (DIANA)

The NATO DIANA accelerator programme is designed to equip businesses with the skills and knowledge to navigate the world of deep tech, dual-use innovation.