Anyone paying even the slightest bit of attention to international news knows that China — formally referred to as the People’s Republic of China (PRC) — and the United States haven’t always had a harmonious relationship. According to the American Cybersecurity and Infrastructure Security Agency, China has a history of performing cyberattacks on other countries to pursue their own interests.
More recently, China has committed cyberattacks against specific industries and organizations in the United States, including financial services, defense, government facilities, healthcare, communications, IT, and more. As of 2021, the U.S. Office of the Director of National Intelligence says that China presents itself as an increasingly threatening potential source of cyber-attacks. In fact, the office’s threat report says that China’s cyberattacks can create instability and vulnerability within the United States’ “critical infrastructure.”
In July of this year, the United States — alongside the European Union, Britain, Australia, Japan, Canada, and New Zealand — officially accused China of a cyberattack and cyber espionage campaign. Going even further, the U.S. Department of Justice accused three Chinese security officials and one contract hacker of attacking dozens of American universities, government agencies, and companies.
Zhao Lijian — China’s foreign ministry spokesperson — denied all accusations of Chinese cyber espionage, accusing the United States of falsifying claims. Additionally, he stated that China does not take part in cyberattacks or cyber espionage. The United States said that the aforementioned cyberattack campaign claimed that several American industries — including biopharmaceuticals, maritime, government agencies, healthcare, aviation, education, and defense — fell victim to this particular cyberattack spree.
Perhaps the most famous of these cyberattacks was the Microsoft attack. One of the most devastating of China’s cyberattacks, the hack attacked Microsoft Exchange servers and is estimated to have affected at least 30,000 organizations across the globe, some of which included school districts and mom-and-pop shops.
The attack was said to have been perpetrated by Hafnium, a hacker group with known ties to China’s government. Back in January, Hafnium located and took advantage of a server vulnerability in Microsoft Exchange. They used this weakness in the system to insert backdoors that they could return to later and exploit even further. In these “backdoors,” Hafnium placed a string of code that tricked the Microsoft Exchange servers into sending information. Since these transactions seemed legitimate, it took quite a while before anyone knew anything was wrong.
As many people very well know, this is not the first China-sponsored cyberattack against the United States. The American government has reported numerous cyberattacks in recent years, many of which they have attributed to China. Anthem Inc., the health care insurer, was also a victim of an attack. In the attack, hackers stole names, birth dates, and Social Security numbers — 78 million of them. The credit reporting agency Equifax Inc. and Marriott’s Starwood Hotels have also suffered attacks, both of which have affected millions of Americans.
Despite all of the evidence, China continues to deny any participation in international cyberattacks. Zhao has openly denounced the accusations, insisting that they were fabricated to drag China’s name through the mud and that the United States has a long history of villainizing China; in fact, China has accused the United States of cyberattacks themselves, pointing the cyber-finger back. According to the accusations, the United States has been performing cyberattacks against China for the past 11 years.
Whether or not every accusation is true or false, the threat of cyberattack is growing more and more concerning. Investigators working on the Microsoft Exchange hack believe that China is working to compile a huge database with information on Americans; they also believe that the Chinese hackers got the emails of Microsoft Exchange IT administrators from a previous attack. From here, it’s not difficult to see a larger potential plan emerging.
Clearly, the more information that China possesses, the easier it becomes for them to perform cyberattacks. Americans are so thoroughly and intricately connected through digital technology. For China, gaining even minute bits of information about Americans can open huge doors for future cyberattacks.
The more information they have, the more attacks they can perform. These attacks lead to more information, which leads to more attacks — and so on. Certainly, there is no easy solution to the problem, especially when considering the possibility that both the U.S. and China are lying. However, if we can’t get cyber espionage under control, it may prove more damaging than anyone ever imagined.
Sources:
China Accuses U.S. Of Cyberattacks; Says It Had No Role In Microsoft Hack : NPR
U.S. and allies accuse China of global hacking spree | Reuters
U.S. charges four Chinese nationals charged in global hacking campaign | Reuters
China Cyber Threat Overview and Advisories | CISA
China accused of cyber-attack on Microsoft Exchange servers – BBC News
Data Stolen in Microsoft Exchange Hack May Have Helped Feed China’s AI Project : NPR
