WASHINGTON, July 19 (Reuters) – The United States and its allies on Monday accused China of a global cyberespionage campaign, bringing together an unusually large coalition of countries to publicly denounce Beijing for hacking.
The United States has been joined by NATO, the European Union, Britain, Australia, Japan, New Zealand and Canada in condemning espionage, which the Secretary of State said American Antony Blinken, was “a major threat to our economic and national security”.
Simultaneously, the US Department of Justice indicted four Chinese nationals – three security officials and a hacker – for targeting dozens of businesses, universities and government agencies in the US and abroad. .
The Chinese Embassy in Washington did not immediately respond to a request for comment. Chinese officials have previously said that China is also a victim of hackers and opposes all forms of cyberattacks.
During an event on the administration’s infrastructure plan, US President Joe Biden told reporters: “I understand that the Chinese government, much like the Russian government, does not do it itself, but protect those who do. And maybe even accommodating that they are able to do it. “
White House spokeswoman Jen Psaki was then asked during her daily briefing on why Biden had not directly blamed the Chinese government in his response to a reporter’s question.
“That was not the intention he was trying to project. He takes malicious cyber activity incredibly seriously,” Psaki said.
Psaki also said that the White House does not differentiate between Russia and China when it comes to cyber attacks.
“We do not hold back, we do not allow any circumstance or economic consideration to prevent us from taking action … we also reserve the right to take further action.” she said.
While a wave of statements from Western powers represents a broad alliance, cyber experts have said the lack of consequences for China beyond the US indictment is glaring. Just a month ago, statements at the G7 and NATO summits warned China and declared it a threat to international order.
Adam Segal, cybersecurity expert at the Council on Foreign Relations in New York, called Monday’s announcement a “successful effort to get friends and allies to attribute the action to Beijing, but not very useful without any concrete follow-up. “.
Some of Monday’s statements even seemed to be doing well. While Washington and its close allies like the UK and Canada held the Chinese state directly responsible for the hack, others were more wary.
NATO has simply said that its members “recognize” the allegations made against Beijing by the United States, Canada and the United Kingdom. The European Union has said it is urging Chinese authorities to curb “malicious cyber activity undertaken from within its territory” – a statement that left open the possibility that the Chinese government itself was innocent of leading the espionage. .
The United States has been much more specific, officially attributing intrusions such as the one that affected servers running Microsoft Exchange earlier this year to hackers affiliated with China’s State Security Ministry. Microsoft (MSFT.O) had previously blamed China.
US officials said they were surprised at the extent and scale of the hacking attributed to China, as well as China’s use of “criminal hackers.”
“The PRC’s Ministry of State Security (MSS) has fostered an ecosystem of criminal hackers who carry out both state sponsored activities and cybercrime for their own financial gain,” Blinken said.
US security and intelligence agencies have described more than 50 techniques and procedures that “Chinese state-sponsored actors” use against US networks, a senior administration official said.
In recent months, Washington has focused its attention on Russia, accusing Russian hackers of a series of ransomware attacks in the United States.
The senior administration official said U.S. concerns over Chinese cyber activities had been raised with senior Chinese officials. “We are not ruling out other measures to hold the PRC to account,” the official said.
The United States and China are already at loggerheads over trade, China’s military build-up, South China Sea disputes, crackdown on democracy activists in Hong Kong, and treatment of Uyghurs in the region from Xinjiang.
Blinken cited the Justice Department indictments as an example of how the United States will impose consequences.
The defendants and officials from the Hainan State Security Department, a regional state security office, tried to hide the Chinese government’s role in information theft using a shell company, according to the report. the indictment.
The campaign targeted trade secrets in sectors such as aviation, defense, education, government, healthcare, biopharmaceutical and maritime industries, the Justice Department said.
The victims were in Austria, Cambodia, Canada, Germany, Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland, the United Kingdom and the United States.
“These criminal charges underscore once again that China continues to use cyber attacks to steal what other countries are doing, in blatant disregard of its bilateral and multilateral commitments,” said the United States Deputy Attorney General, Lisa Monaco, in the press release.
Reporting by Steve Holland, Doina Chiacu, Nandita Bose, David Shepardson and Lisa Lambert; Editing by Chizu Nomiyama and Grant McCool
Our standards: Thomson Reuters Trust Principles.