Truth, Inspiration, Hope.

US Criticizes China for Cyberattack on Microsoft Exchange, But Falls Short of Action

Arvind Datta
Arvind is a recluse who prefers staying far away from the limelight as possible. Be that as it may, he keeps a close eye on what's happening and reports on it to keep people rightly informed.
Published: July 27, 2021
Pedestrians walk past Microsoft's local headquarters in Beijing on July 20, 2021, the day after the US accused Beijing of carrying out the cyber attack on Microsoft and charged four Chinese nationals over the "malicious" hack in March. (Image: NOEL CELIS/AFP via Getty Images)

The Biden administration recently condemned China for waging cyberattacks against America. Washington was joined by its allies like the European Union who also issued their own statements criticizing the Chinese regime’s actions. However, some security experts feel that the public condemnations are essentially toothless as no action to punish the CCP for the cyberattacks has been announced.

On July 19, the Biden administration issued a statement calling out China’s Ministry of State Security (MSS) as being the perpetrator of a cyberattack on Microsoft Exchange’s email server that took place in March and gave Chinese hackers access to tens of thousands of networks worldwide. 

The MSS, one of Beijing’s main spy agencies, was also accused of contracting hackers who have carried out ransomware attacks on companies with demands of millions of dollars. 

“The PRC’s unwillingness to address criminal activity by contract hackers harms governments, businesses, and critical infrastructure operators through billions of dollars in lost intellectual property, proprietary information, ransom payments, and mitigation efforts,” theWhite House said. Washington called China’s “pattern of malicious cyber activity” as a “major threat” to American economic and national security.

The U.S. was joined by the European Union that issued a softer criticism, portraying the cyberattacks as having come from “the territory of China” rather than holding the communist regime directly responsible for the online assault. 

“We continue to urge the Chinese authorities to adhere to these norms and not allow its territory to be used for malicious cyber activities, and take all appropriate measures and reasonably available and feasible steps to detect, investigate and address the situation,” the statement said.

Other U.S. allies like Japan, the United Kingdom, Australia, Canada, and New Zealand also blamed Chinese state security agencies for the Microsoft Exchange cyberattack.

The multi-nation statements come as the FBI, NSA, and the Cybersecurity and Infrastructure Security Agency (CISA) recently issued a cybersecurity advisory that discussed more than 50 tactics, techniques, and procedures (TTP) used by “Chinese state-sponsored cyber actors” while targeting U.S. and allied networks.

“These actors aggressively target political, economic, military, educational, and critical infrastructure personnel and organizations to access valuable, sensitive data. These cyber operations support China’s long-term economic and military objectives,” an NSA news release stated.

Falling short of action on cyberattack

In 2020, Russian hackers backed by Moscow infiltrated thousands of organizations worldwide, including several U.S. government departments and American companies.

On April 15, 2021, Washington took action against Russia, expelling 10 diplomats and slapping financial sanctions on some officials. The Biden administration also placed Russia’s sovereign debt under new restrictions so as to make it harder for Moscow to raise funds to support its national current and trade new debt. 

But Washington has announced no such actions in response to the Chinese cyberattack on the Microsoft Exchange hack.

“The lack of any sanctions by the U.S. government against Chinese cyber threat actors is a huge problem that transcends four administrations… We need to stop treating China as if they have a special immunity to being held accountable and we need to act in parity as we have with the other major malicious cyber actors, including Russia,” Dmitri Alperovitch, chairman of the Silverado Policy Accelerator think tank, said to The Washington Post.

A CNN report cites an official from the Biden administration who said that they were discussing potential sanctions to be placed on China. However, the matter is still undecided due to economic complications. “The economic reality is that we are far more entangled with China than we are with Russia, and we have far less room to countenance sanctions,” the official said.

In an interview with ABC News, Bart Hoogeveen, a cybersecurity expert at the Australian Strategic Policy Institute (ASPI), stated that the EU statement was carefully worded, possibly indicating that there are divisions on the issue within the bloc, with some member states “not prepared to go as far” as the United States.

Hoogeveen feels that various countries, worried about being attacked by China, were forming a bloc to counter the communist regime. “We’ve seen this approach maturing over the last few years— hardly any countries are attributing alone,” he said. The collective blaming of China is not likely to affect Beijing at all since it might see such accusations as a small price to pay.

However, “this is also the art of diplomacy in terms of trying to build a norm. If you have a large enough group of states drawing this line, it becomes a de facto global norm or rule,” Hoogeveen stated.

Casey Fleming, CEO of BlackOps Partners, feels that the Biden administration is unable to grasp what they must do to protect American businesses. “The issue is the private sector—U.S. businesses and their CEOs and their boards—is under attack by a nation-state. That’s never happened before in history… And they don’t know what to do,” Fleming said.