Biden Goes After Chinese & Russian Cyber Attackers

Uploaded on 2021-07-28 in INTELLIGENCE-Hot Spots-Russia, INTELLIGENCE-Hot Spots-China, GOVERNMENT-National, FREE TO VIEW

After confronting Russian President Putin on cyber security at their summit last month, US President Biden is rallying allies to accuse China of sponsoring cyber criminal activity around the world. 

The White House is publicly blaming China for an attack on Microsoft's Exchange email server software that compromised tens of thousands of computers worldwide, allowing hackers to gain access to troves of sensitive data. The US has restricted trade with four Russian IT firms as well as two other entities over “aggressive and harmful” activities.  By joining the Department's blacklist, US companies will no longer be able to sell to them without a license.

A Biden administration official has said that China's Ministry of State Security employed criminal contract hackers "to conduct unsanctioned cyber operations globally, including for their own personal profit." Although the US says criminal gangs of hackers with links to Russian intelligence carried out such audacious ransomware attacks as the one that caused Colonial Pipeline, a major US petroleum distribution network, to shut down temporarily, China's outright hiring of contract hackers is "distinct... The United States has long been concerned about the People's Republic of China's irresponsible and destabilising behavior in cyberspace."

Such hacks pose a serious economic and national security threat to the US and its allies, the official said.

Russia

The Russian organisations added to the US blacklist are Aktsionernoe Obshchaestvo AST, Aktsionernoe Obshchestvo Pasit; Aktsionernoe Obshchestvo Pozitiv Teknolodzhiz, also known as JSC Positive Technologies, Federal State Autonomous Institution Military Innovative Technopolis Era, Federal State Autonomous Scientific Establishment Scientific Research Institute Specialized Security Computing Devices and Automation (SVA), and Obshchestvo S Ogranichennoi Otvetstvennostyu Neobit.

The US believes that Era is operated by the Russian Ministry of Defense, Pasit is an IT company that supports Russia’s Foreign Intelligence Service’s malicious cyber operations, SVA is a Russian state-owned organisation that also supports malicious cyber operations, and Russia-based IT security firms Neobit, AST, and Positive Technologies have the Russian government as one of their clients.

China

US officials have also announced new measures aimed at exposing and disrupting China’s government-sponsored cyber criminal activities. Furthermore, key NATO and other allies are expected to reveal new information about the methods used in the wave of large-scale cyber attacks that have affected thousands of government and private networks in the United States, and how to protect against them.

These actions are a direct result of President Joe Biden's recent foreign trip to meet with G7 and NATO leaders and may be the first step in a new multilateral coalition of allies that could eventually impose economic penalties on the Chinese government, similar to those that some Western states have placed on Russia. 

 A senior official said that the United States had convinced allies to name China’s Ministry of State Security as a key player in various criminal cyber activities, although he official gave no indication when economic penalties would be introduced. 

The White House has published an alert co-authored by the National Security Agency, Cybersecurity Infrastructure & Security Agency, and the FBI detailing 50 ways that criminal actors, allegedly sponsored by the Chinese government, attack Western networks, and how to defend against them. “Chinese state-sponsored cyber actors aggressively target US and allied political, economic, military, educational, and critical infrastructure, personnel and organizations to steal sensitive data, critical and emerging key technologies, intellectual property, and personally identifiable information,” the alert fact sheet says.

Regarding one of those targets, the senior official said, “The United States government, alongside our allies and partners, will formally attribute the malicious cyber campaign using the zero-day vulnerabilities in the Microsoft Exchange Server disclosed in March.”

The official also said that the United States and key allies were now ready to name China as a supporter of the same sort of cyber criminal sponsorship of which the United States and others have accused Russia. That could lay the groundwork for the United States to press allies such as Britain and the European Union to place new sanctions on China for its sponsorship of such activities. 

US-CERT:       DefenseOne:      NPR:      Newsweek:        ITPro:    

You Might Also Read: 

Data Privacy Is Key To The Technology Battle With China:

 

 

« Royal Cyber Security Significantly Increased
Was There A Russian Plot To Put Trump In The White House? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Senetas

Senetas

Senetas is a leading developer and manufacturer of certified high-assurance encryption solutions, dedicated to protecting network transmitted data without compromising performance.

Teneo

Teneo

Teneo is a Solutions Provider focused on reducing complexity. We combine leading technology with deep expertise to create new ideas on how to simplify IT operations.

Appdome

Appdome

Appdome is the industry's first mobile integration as a service company, providing solutions for enterprise mobility and mobile application security.

Network Integrity Systems

Network Integrity Systems

Network Integrity Systems is a leader in network infrastructure security and offers solutions specifically developed for Government and Private Enterprise.

Hypori

Hypori

Hypori is a virtual smartphone solution that makes truly secure BYOD a reality for organizations in healthcare, finance, government, and beyond.

Trustelem

Trustelem

Trustelem offers European and global companies a ready-to-use access management service that respects the principles of sovereignty, territoriality and privacy.

ALTR

ALTR

ALTR provide software-embedded solutions for data security and privacy.

Montreal International

Montreal International

You’re an entrepreneur planning to launch a company in an innovative sector such as AI, cybersecurity, 'deeptech' or fintech? You’ve found the right place!

Vijilan Security

Vijilan Security

Vijilan provides 24/7 SOC services to MSPs/VARs. Our Security Operations Center is global, and our services are exclusive to the Channel.

Visible Statement

Visible Statement

Visible Statement is a computer-based delivery system designed to insure the retention and recall of your most important security training messages.

Iterasec

Iterasec

Iterasec provides a full range of security services to hacker-proof your products and make software engineering process secure by design.

Start Left™ Security

Start Left™ Security

Start Left™ Security's Tauruseer Platform is the patented data-driven security posture management solution that provides a complete life cycle approach for proactive security in one place. 

Guidepost Solutions

Guidepost Solutions

Guidepost Solutions are a diverse, global team of investigators, experienced security and technology consultants, and compliance and monitoring experts.

Digital Element

Digital Element

Digital Element is a global IP geolocation and intelligence leader with unrivaled expertise in leveraging IP address insights to deliver new value to companies.

Bugv

Bugv

Bugv is a crowdsourcing cybersecurity platform powered by human intelligence where we connect businesses with cyber security experts, ethical hackers, bug bounty hunters from all around the world.

Tailscale

Tailscale

Tailscale is a VPN service that makes the devices and applications you own accessible anywhere in the world, securely and effortlessly.