The US, together with allies in Europe and Asia-Pacific, today accused China's intelligence service of carrying out ransomware attacks against US and other foreign targets and promised to reciprocate in case of future incidents.
The US government has recently elevated its response to ransomware and other cybersecurity incidents following the May attack on the 2.5mn b/d Colonial Pipeline system in the US.
But unlike that incident, which was attributed to non-state actors, the White House contended today that China's Ministry of State Security (MSS) was directly involved in carrying out a ransomware attack in March that involved Microsoft Exchange Server email processing software that billions of users rely on daily. The US did not disclose the ransomware target involved in the incident attributed to China's security agency.
"This was surprising to us," a senior US official told reporters in a briefing yesterday. "The MSS is using criminal contract hackers to conduct unsanctioned cyber operations globally, including for their own personal profit." The EU, Australia, Canada, Japan, New Zealand, the UK and NATO are backing the US accusation.
The US for now is relying on a name-and-shame tactic, instead of unveiling sanctions. The US administration has discussed the incident with China and "we are at that first important stage of bringing awareness and buy-in to this attribution, and focusing us together on our collective security efforts," the official said. "We are not ruling out further actions to hold (China) accountable."
China's embassy in Washington was not immediately available for comment.
Today's action fits a trend of deteriorating relations between Washington and Beijing. The US Justice Department today unsealed indictments against alleged Chinese intelligence officials and a cyber-hacker accused of accessing US companies' proprietary infectious disease research and other intellectual property.
And the Treasury Department on 16 July issued a broad advisory warning US businesses and citizens against working in Hong Kong. US businesses and individuals operating in Hong Kong "should be aware of potential reputational, regulatory, financial, and, in certain instances, legal risks associated with their Hong Kong operations," the Treasury Department said.
The US last year revoked Hong Kong's special status in trade and financial relations with the US and has been imposing sanctions on Chinese and Hong Kong officials accused of enforcing laws that have been removing the autonomous territory's special status in China.
"Hong Kong is part of China, and its affairs are purely China's domestic affairs," China's foreign ministry said today. "The so-called sanctions imposed by the US are nothing more than a waste of paper. It is simply delusional to believe that China will bow to sanctions."