ANALYSIS – The news of the latest communist Chinese cyber hacking attacks against the United States finally forced President Joe Biden and several European and Five Eyes allies to openly condemn CCP China, and essentially admit that Russia isn’t the only adversary attacking western systems on a massive scale. However, this condemnation (if it can even be called that) is even less forceful than the still weak-kneed response to Russian attacks.
“The U.S. government has high confidence that hackers tied to the Ministry of State Security (MSS), carried out the unusually indiscriminate hack of Microsoft Exchange Server software that emerged in March, senior officials said,” according to the Wall Street Journal. But the feckless response by Biden prompted the New York Post Editorial Board to write scathingly:
China’s in trouble now: President Joe Biden is angry — really, really angry — about its cyberattacks. So angry that the White House on Monday issued a condemnation that actually cited China by name. Oooooh!
Beijing must be quaking in its boots: If officials there don’t shape up, who knows? Biden might castigate them a second time.
The White House statement, which blames the Chinese government for the massive hack of Microsoft Exchange servers this year and other attacks since 2011, reads like self-parody: It sternly (and rightly) scolds Beijing — but doles out no consequences to make the Chinese pay or to deter future attacks.
“The United States has long been concerned about the People’s Republic of China’s (PRC) irresponsible and destabilizing behavior in cyberspace,” it chides. And so “today, the United States and our allies and partners are …” — wait for it! — “… exposing further details of the PRC’s pattern of malicious cyber activity.”
Exposing details — that’s it?
Until now, notes the Heritage Foundation’s Daily Signal (DS), “cybersecurity experts have focused mostly on ransomware attacks, such as recent attacks on private companies Kaseya and JBS S.A. by the cybercriminal group REvil, and on the Colonial Pipeline by the Russian hacking group DarkSide.” For the most part they have ignored the possibly far more sinister and dangerous cybercrime: espionage.
And this is the cyber hacking China has been heavily engaged in, and it is potentially far more damaging and aggressive in the long term than anything the Russians are doing.
As DS explains:
China has targeted government, private entities, public policy think tanks, and defense contractors for years. Some notable attacks include the breach of the U.S. Office of Personnel Management through a series of hacks between 2013 and 2015, the Equifax hack of 2017, and, recently, attempted cyberattacks of COVID-19 vaccine-maker Moderna.
As former director of the National Counterintelligence and Security Center, Bill Evanina, stated in a “60 Minutes” interview earlier this year, “Current estimates are that 80% of American adults have had all of their personally identifiable information stolen by the Communist Party of China.”
The New York Post continues:
Cybersecurity expert Dmitri Alperovitch warns that Beijing’s breach of Microsoft systems, which put hundreds of thousands of businesses and private info at risk, were “much more dangerous than the Russian SolarWinds hacks” last year, yet those triggered US sanctions against Russian culprits.
The failure to punish any “PRC-affiliated actors” now looks like “a double standard,” says Alperovitch. “We treat China with kid gloves.”
China is increasingly testing the West — in the South China Sea, by withholding COVID data, over Taiwan, Hong Kong, the Uyghurs … Let’s hope Biden summons the will to finally push back meaningfully before it’s too late to matter. ADN