• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Privacy, Cyber & Data Strategy Blog

  • Home
  • Services
  • Events
  • Contacts

U.S. and Allies Formally Accuse China of Microsoft Hack and Cyberespionage

July 20, 2021 By Kellen Dwyer, Jon Knight and Lance Taubin

On July 19, 2021, the Biden administration, along with a group of allies publicly accused the Chinese government of malicious cyber activities and irresponsible state behavior.  The joint announcement states the U.S. uncovered a wide array of cyberattacks by hackers with a history of working for the China’s Ministry of State Security (MSS).  Importantly, the announcement attributes the recent attack on Microsoft Corp.’s Exchange email software—an attack which infected tens of thousands of businesses, government offices and schools in the U.S. alone – to the MSS.  While the public accusation was not accompanied by any sanctions or punitive measures against China, the unified condemnation by the global community is significant: this is a broad coalition (the U.S., the EU, the U.K., Canada, Australia, New Zealand, Japan and the 30 nations comprising NATO) attributing the Microsoft Exchange cyberattack to China and, more broadly, criticizing China of engaging in years of harmful cyber activity.

In connection with the allegations, the Department of Justice (DOJ) announced criminal charges against four MSS hackers for targeting foreign governments and entities in crucial sectors, such as defense, education, healthcare, maritime and aviation, pursuing cybertheft of intellectual property for financial gain. The DOJ indictment accused the hackers of stealing information from dozens of organizations and universities around the globe, specifically stealing Ebola virus research and other important intellectual property. The unsealed DOJ documents allege a violation of the 2015 accord between China’s President Xi and the Obama Administration to not direct or support cyberattacks to steal corporate records or intellectual property.

It is clear that the Biden administration and U.S. government are acutely focused on cybersecurity issues and assisting the private sector in defending against these attacks.   In conjunction with the announcement attributing the attacks to the MSS, he National Security Agency (NSA), Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) published a Joint Cybersecurity Advisory of more than 50 tactics, techniques and procedures (TTPs) used by the MSS hackers.  Similar to the recent launch of StopRansomware.gov, the Joint Cybersecurity Advisory provides insights and tools to help businesses and critical infrastructure operators secure their networks and protect their data.  With regards to the MSS hackers, the TTPs indicate they were particularly reckless in their approach: indiscriminately scanning the Internet to find vulnerable servers, and then installed scripts and/or webshells, and enabling remote administration administrative control of such servers by the hackers.  Businesses are encouraged to review these TTPs and analyze whether their environments are susceptible to these approaches.

Filed Under: China, Cyber Espionage

About Kellen Dwyer

Kellen Dwyer is partner and co-leader of Alston & Bird’s National Security & Digital Crimes practice. He previously served in the Justice Department in several cyber and national security roles. As an assistant U.S. attorney in the Eastern District of Virginia, he obtained a computer hacking indictment against Julian Assange and represented the United States at Assange’s extradition hearings in London.

[Read Bio]

About Jon Knight

Jon Knight is a senior associate with Alston & Bird’s Privacy, Cyber & Data Strategy Team in the Washington, D.C. office. He focuses his practice on cybersecurity and privacy compliance and enforcement, as well as emerging technology issues.

[Read Bio]

About Lance Taubin

Lance Taubin is an associate with Alston & Bird’s Privacy, Cyber & Data Strategy team. He advises clients on data privacy and cybersecurity compliance and enforcement, managing cyber risk, breach investigations, and response and transactional diligence.

[Read Bio]

Primary Sidebar

This blog is a service of Alston & Bird’s Privacy, Cyber & Data Strategy team and focuses on key data privacy and data security issues.


Receive email notifications when new posts are added.

Receive email notifications when new posts are added.


THE DIGITAL DOWNLOAD
Click here to see the editions

PRIVACY & CYBER EVENTS
Click here to see upcoming and past events

PRIVACY & CYBER MAILINGS
Click here to sign up

@ALSTONPRIVACY
Click here to follow us on Twitter

Secondary Sidebar

Categories

Recent Posts

  • The California Privacy Protection Agency Solicits Public Input on Forthcoming Privacy Regulations
  • U.S. Department of Commerce Announces the Establishment of a Global CBPR Forum
  • Colorado Issues Pre-Rulemaking Considerations for the Colorado Privacy Act
  • Recent Updates in Two Closely-Watched Cybersecurity and Privacy-Related Securities Fraud Class Actions
  • EU and U.S. Reach Agreement In Principle on a Replacement for the EU-U.S. Privacy Shield
Copyright © 2022 · Alston & Bird · All Rights Reserved. Privacy.