Update (1310ET): Despite Beijing's threat to retaliate against the US if it imposes new sanctions or - worse still - attempts to retaliate with a cyber-offensive of its own, the Biden Administration just released a statement saying it reserves the right to take additional unilateral action. And although it hasn't ruled out unilateral action, it would prefer to act in concert with its international allies.
* * *
Update (1230ET): Beijing has just responded to the latest allegations by the Biden Administration and its "coalition of allies." In an editorial published by the English language Global Times, the pro-government paper blasted the US government's claims that the Chinese government partners with independent hackers as "a huge lie" and added that such a practice cannot be carried out in China's system.
The notion that China has knowingly allowed criminal hackers to profit at the expense of China's "national reputation" is also absurd, the editorial claimed.
China has a strict system of accountability. The US has accused China of cyber attacks for many years. It has become a highly sensitive issue between China and the US. We have to ask: What is the motive and benefit for China to launch large-scale cyber-attacks against the US and severely hit China-US relations as the US has accused? Which piece of information or economic benefit from the US is more important than China's national reputation?
The US even claimed that China has allowed contractor hackers to pursue their personal profit; in other words, China is willing to use its national interests to pay for the interests of those hackers and specific organizations they represent. We don't know whether the US and Western societies controlled by capital have such logic, but it is totally unthinkable in socialist China.
The author added that cyber attacks are extremely difficult to trace, and that Washington is "exploiting" its cyber woes to "frame" China. "Cyber attacks have happened in almost all countries and China has suffered more damage than the US."
Finally, Beijing accused Washington of "slander" against China which "has been excessive." They added that if the US "takes aggressive measures, carries out national-level cyber attacks on China, or imposes so-called sanctions on China, we will retaliate."
"The US cannot exploit these smears to substantively attack China. If the US takes aggressive measures, carries out national-level cyber attacks on China, or imposes so-called sanctions on China, we will retaliate."
Meanwhile, Hu Xijing, the top editor at the Global Times and one of Beijing's most visible English-language mouthpieces, is tweeting about the "oppressiveness" of American police.
The Chinese people stand firmly with the oppressed American people. https://t.co/Xzk6ctbC6r— Hu Xijin 胡锡进 (@HuXijin_GT) July 19, 2021
* * *
As President Biden and his administration continue to burnish his "tough on China" credentials (which is shaping up to be a "theme" for the White House in July), the US has just announced that members of China's intelligence agency of hiring cyber-criminals to carry out a global campaign of hacks and cyber intrusions.
The US is expected to say Monday that the Chinese government has been the mastermind behind a series of malicious ransomware, data theft and other cyber-espionage attacks against public and private entities around the world, including the Microsoft Exchange hack uncovered earlier this year.
According to Bloomberg, the US will present evidence showing how China’s Ministry of State Security uses criminal contract hackers to conduct unsanctioned cyber operations globally, including for its own personal profit. Additionally, the NSA, CISA and FBI will expose more than 50 tactics Chinese state-sponsored cyber hackers have used.
Per the FT, a senior US official said
"China's MSS - Ministry of State Security - uses criminal contract hackers to conduct unsanctioned cyber operations globally, including for their own personal profit."
"Their operations include criminal activities, such as cyber-enabled extortion, crypto-hacking and theft from victims around the world for financial gain."
Before now, the US has stopped short of publicly blaming Beijing for the Microsoft hacks.
Though of course this isn't the first we're hearing of the Microsoft Exchange hack, or other Chinese cyber-intrusions. Following ransomware attacks like the one that crippled the Colonial natural gas pipeline, cybersecurity has become an increasingly important political priority this year. The measures are also reminiscent of Biden's old boss President Obama, who once charged 5 Chinese military personnel over alleged involvement in a cyberattack on American corporations. Of course, that turned out to be a lot of chest-beating and not a lot of action.
From the looks of it, the US isn't alone in this. A coalition of NATO members along with the EU, New Zealand, Japan and Australia are reportedly launching a new alliance between the NATO members that involves sharing intelligence on cyber-threats and collaborating to improve their networks security. Microsoft blamed that attack on a China-backed group called Hafnium, according to CNBC.
They're also expected to join the US in blaming China and its intelligence apparatus for ordering hacks including the Microsoft Exchange intrusion.
CNBC pointed out that the new alliance follows Biden's lobbying NATO and EU members for support in adopting a more "confrontational" approach to China's cyber-activities.