The United States and its foreign allies on Monday accused China of widespread malfeasance in cyberspace, including through a massive hack of Microsoft’s email system and other ransomware attacks, a dramatic escalation in the increasingly urgent attempt by the Biden administration to stave off further breaches.
In a coordinated announcement, the White House and governments in Europe and Asia identified China’s Ministry of State Security, the sprawling and secretive civilian intelligence agency, with using “criminal contract hackers” to conduct a range of destabilizing activities around the world for personal profit, including the Microsoft hack, according to a senior US administration official. The administration official also said China was behind a specific ransomware attack against a US target that involved a “large ransom request” — and added that Chinese ransom demands have been in the “millions of dollars.”
The public disclosure of the Chinese efforts amounts to a new front in an ongoing offensive by the Biden administration to bat away cyberthreats that have exposed serious vulnerabilities in major American sectors, including energy and food production. The extent of Chinese involvement in hiring criminal networks to invade and extort money around the world came as a surprise to the White House, officials said. “What we found really surprising and new here was the use of criminal contract hackers to conduct this unsanctioned cyber operation and really the criminal activity for financial gain. That was really eye-opening and surprising for us,” a senior administration official said on Sunday ahead of the announcement.