Chinese government recruiting criminal hackers to attack Western targets, U.S. and allies say

Eric Geller

July 19, 2021 at 2:01 AM·5 min read

The Biden administration and U.S. allies on Monday blamed the Chinese government for a sprawling web of cyberattacks, including a blizzard of hacks into Microsoft email servers in March and intrusions for which Beijing partnered with cyber criminals.

The announcement by the U.S., the European Union, NATO and five close allies comes as the Biden administration attempts to establish a global consensus on limitations around cyberattacks, including discouraging hacks of critical infrastructure and breaches of businesses designed to extort money or steal trade secrets.

In a separate action, the Justice Department charged four Chinese nationals, three of them government agents, with engaging in a long-running hacking campaign aimed at stealing Ebola vaccine research, autonomous vehicle technology and other intellectual property from dozens of companies in the U.S. and other countries.

That operation involved creative means of exfiltrating stolen data, including by hiding it in a photo of then-President Donald Trump through a process called steganography.

Monday’s statements underscore how China’s aggressive digital army continues to wreak havoc while public attention largely focuses on the cyber threat from Russia.

Intelligence officials have concluded that China’s Ministry of State Security “uses criminal contract hackers to conduct unsanctioned cyber operations globally, including for their own personal profit,” a senior administration official told reporters on Sunday.

In some cases, the official said, Chinese hackers planted software on victims’ computers that silently generated units of cryptocurrency, a process known as mining. In other cases, cyber criminals working for Beijing have infected businesses with ransomware and demanded multimillion-dollar ransom payments, according to the official, who spoke anonymously per U.S. government policy.

Perhaps the most significant attack being attributed to Beijing is the massive series of intrusions into Microsoft Exchange servers that the tech giant disclosed in March. Those attacks, which exploited previously unknown digital flaws, breached tens of thousands of servers belonging to businesses and local governments and exposed them to a feeding frenzy of follow-up hacks by other groups.

The Biden administration has “high confidence” that Chinese cyber criminals hacked the Exchange servers “with the Ministry of State Security’s knowledge,” the senior administration official said.

The official described China’s “pattern of irresponsible behavior in cyberspace” as “inconsistent with its stated objectives of being seen as a responsible leader in the world.”

Chinese cyberattacks usually focus on stealing intellectual property from Western businesses so that Chinese companies can analyze and copy it. But the Ministry of State Security’s partnerships with profit-minded criminals may reflect a new strategy for Beijing.

“The use of criminal contract hackers … was really eye-opening and surprising for us,” the senior administration official told reporters.

The ransomware attacks conducted by Chinese government-affiliated hackers — one of which the official said involved “a large ransom request made to an American company” — also surprised the Biden administration.

The newly unsealed indictment, meanwhile, highlights Beijing’s more traditional focus on trade-secrets theft. It charges three officers of the the State Security Department in Hainan province and one employee of a front company that the department established to obscure its role.

The department's officers coordinated with criminal hackers and university professors to breach companies in a wide variety of industries, including health care, defense, aviation and pharmaceuticals, between 2011 and 2018, according to the indictment. One university in Hainan allegedly helped manage the front company by supplying a mailing address and managing its payroll.

Some of the hacks were aimed at stealing information that could help Chinese state-owned companies win contracts in the victim countries, prosecutors said.

“China continues to use cyber-enabled attacks to steal what other countries make, in flagrant disregard of its bilateral and multilateral commitments,” Deputy Attorney General Lisa Monaco said in a statement.

As part of Monday’s announcements, the FBI, the NSA and DHS’ Cybersecurity and Infrastructure Security Agency released a report exposing more than 50 tactics and techniques associated with Chinese government hackers, as well as a report focused on the hacking team at the center of the new indictment, which is known as APT40.

The senior administration official said the government-wide cyber upgrades mandated in a recent executive order from President Joe Biden would thwart many of these common attack methods.

Monday’s multilateral condemnation of Chinese hacking is meant to showcase the U.S.’ ability to recruit like-minded countries to declare certain behavior beyond the pale.

The U.K., Australia, Canada, New Zealand and Japan joined the Biden administration in criticizing China for its attacks, with more countries expected to sign on in the coming weeks. NATO’s participation marks the first time that it has called out the Chinese government in this way.

The breadth of the condemnations reflects “the degree to which countries increasingly recognize that there’s power in collective defense,” the senior administration official said.

But it remains unclear how even multilateral denunciations will alter the calculus for Beijing, which has found cyberattacks to be a potent tool for gathering intelligence, supporting its domestic industry and destabilizing foreign rivals.

The senior administration official described Monday’s announcement as part of a broader campaign, saying “no one action can change China's behavior in cyberspace, and neither can just one country acting on its own.”

In the four and a half months since Microsoft revealed the Exchange hacks, some cyber experts have wondered why it was taking the U.S. so long to blame China, as private security experts quickly did. The senior administration official attributed the delay to the scope of the intrusions, the desire to fully understand China's role and the need to recruit allies for a joint announcement.

Yahoo Sports
Former MLB infielder, Little League World Series star Sean Burroughs dies at 43
The seven-year major leaguer collapsed while coaching his son's Little League game on Thursday.
Yahoo Sports
Dolphins owner Stephen Ross reportedly declined $10 billion for team, stadium and F1 race
The value of the Dolphins and Formula One racing is enormous.
Yahoo Sports
The best RBs for 2024 fantasy football, according to our experts
The Yahoo Fantasy football analysts reveal their first running back rankings for the 2024 NFL season.
Yahoo Sports
Juan Soto’s unapologetic intensity and showmanship are captivating the Bronx and rubbing off on teammates: ‘Literally every pitch is theater’
The 2024 Yankees have rediscovered their bravado and hold the second-best record in the AL, thanks in large part to the superstar outfielder.
Yahoo Finance
The FDIC change that leaves wealthy bank depositors with less protection
Affluent Americans may want to double-check how much of their bank deposits are protected by government-backed insurance. The rules governing trust accounts just changed.
Autoblog
Which pickup trucks get the best fuel economy? Here are the tops for gas mileage (or diesel)
Trucks aren't known for being fuel efficient, though times are changing. These are the trucks with the best gas mileage in various segments.
Yahoo Sports
Timberwolves coach Chris Finch calls Jamal Murray's heat-pack toss on court 'inexcusable and dangerous'
Murray made a bad night on the court worse during a moment of frustration on the bench.
Yahoo Sports
Former NBA guard Darius Morris dies at 33
Former NBA guard Darius Morris has died at the age of 33. He played for five teams during his four NBA seasons. Morris played college basketball at Michigan.
Yahoo Sports
Golf’s moment of truth is here, and the sport is badly flailing
Nonexistent negotiations and missed opportunities for reconciliation between the PGA Tour and LIV Golf have the sport stuck in place.
Yahoo Sports
2024 Fantasy Football Mock Draft, 1.0
The Yahoo Fantasy football crew got together for their very first mock draft of 2024. Andy Behrens recaps the results.
Yahoo Finance
Former House Speaker Paul Ryan says he’s not voting for Trump : 'Character is too important'
Ryan says he would be writing in a Republican candidate instead of voting for Donald Trump.
Yahoo Sports
Ranking the best situations for the rookie quarterbacks: Start with Michael Penix in Atlanta at No. 1
It’s key to note that we’re not saying the “best team” or “best roster.” Instead, we’re talking about the best confluence of factors that can outline a path for survival and then success.
Yahoo Sports
Yahoo Fantasy staff's Mock Draft 1.0: Shocking picks are plentiful
Teams have made their big splashes in free agency and made their draft picks, it's time for you to do the same. It's fantasy football mock draft time. Some call this time of year best ball season, others know it's an opportunity to get a leg up on your competition for when you have to draft in August. The staff at Yahoo Fantasy did their first mock draft of the 2024 season to help you with the latter. Matt Harmon and Andy Behrens are here to break it all down by each round and crush some staff members in the process.
Yahoo Sports
Post-draft NFL fantasy power rankings: Offenses we love, like and want to stay away from
With free agency and the draft behind us, what 32 teams look like today will likely be what they look like Week 1 and beyond for the 2024 season. Matt Harmon and Scott Pianowski reveal the post-draft fantasy power rankings. The duo break down the rankings in six tiers: Elite offensive ecosystems, teams on the cusp of being complete mixed bag ecosystems, offensive ecosystems with something to prove, offenses that could go either way, and offenses that are best to stay away from in fantasy.
Yahoo Finance
Mortgage rates drop for the first time in five weeks with experts adjusting their forecasts
The average 30-year fixed mortgage rate edged back toward 7% this week but remains elevated, prompting housing experts to revise their forecasts for the rest of 2024.
Yahoo Sports
Cardinals lose C Willson Contreras after left arm fractured by J.D. Martinez's swing
The Cardinals' nightmare season continues.
Yahoo Finance
Recession-proof stocks are leading the market's latest leg higher
The Utilities and Consumer Staples sectors have popped since mid-April as investors search for value.
Yahoo Sports
The Cheap Seats: Fantasy baseball mailbag (with one key fantasy football question)
Fantasy baseball analyst Scott Pianowski answers your pressing questions in his latest mailbag as we head toward the end of Week 6.
Yahoo Sports
Blockbuster May trade by Padres, MVP Ohtani has arrived, Willie Mays’ 93rd birthday & weekend recap
Jake Mintz & Jordan Shusterman discuss the Padres-Marlins trade that sent Luis Arraez to San Diego, as well as recap all the action from this weekend in baseball and send birthday wishes to hall-of-famer Willie Mays.
Engadget
The best budgeting apps for 2024
Budgeting apps can help you keep track of your finances, stick to a spending plan and reach your money goals. These are the best budget-tracking apps available right now.

News

Life

Entertainment

Finance

Sports

New on Yahoo

Chinese government recruiting criminal hackers to attack Western targets, U.S. and allies say

Recommended Stories

Former MLB infielder, Little League World Series star Sean Burroughs dies at 43

Dolphins owner Stephen Ross reportedly declined $10 billion for team, stadium and F1 race

The best RBs for 2024 fantasy football, according to our experts

Juan Soto’s unapologetic intensity and showmanship are captivating the Bronx and rubbing off on teammates: ‘Literally every pitch is theater’

The FDIC change that leaves wealthy bank depositors with less protection

Which pickup trucks get the best fuel economy? Here are the tops for gas mileage (or diesel)

Timberwolves coach Chris Finch calls Jamal Murray's heat-pack toss on court 'inexcusable and dangerous'

Former NBA guard Darius Morris dies at 33

Golf’s moment of truth is here, and the sport is badly flailing

2024 Fantasy Football Mock Draft, 1.0

Former House Speaker Paul Ryan says he’s not voting for Trump : 'Character is too important'

Ranking the best situations for the rookie quarterbacks: Start with Michael Penix in Atlanta at No. 1

Yahoo Fantasy staff's Mock Draft 1.0: Shocking picks are plentiful

Post-draft NFL fantasy power rankings: Offenses we love, like and want to stay away from

Mortgage rates drop for the first time in five weeks with experts adjusting their forecasts

Cardinals lose C Willson Contreras after left arm fractured by J.D. Martinez's swing

Recession-proof stocks are leading the market's latest leg higher

The Cheap Seats: Fantasy baseball mailbag (with one key fantasy football question)

Blockbuster May trade by Padres, MVP Ohtani has arrived, Willie Mays’ 93rd birthday & weekend recap

The best budgeting apps for 2024