Whether to sanction China for alleged cyber misconduct, and how, had been a matter of internal discussions within the Biden administration, as CNN reports. Cybersecurity experts asked why the administration has not penalized China the way it did Russia earlier this year when blaming Russia’s intelligence services for the vast SolarWinds data breach.
The debate comes as the U.S., NATO, the European Union, Australia, New Zealand and Japan have issued statements attributing a hack of the Microsoft Exchange email server to China and lambasting cyber attacks out of the People’s Republic, as NPR reports. (Microsoft previously determined that China was behind the Exchange hack, which affected at least 30,000 customers.)
Meanwhile, the U.S. Department of Justice has also unveiled charges against four Chinese nationals, as the Associated Press reports. Prosecutors said the defendants worked with China’s Ministry of State Security to target trade secrets and research.
In response, China denied responsibility for the Microsoft Exchange hack and accused the U.S. Central Intelligence Agency of harmful attacks on Chinese organizations. The foreign ministry spokesperson called for the charges against the four defendants to be dropped. The public accusation against China marks “a dramatic escalation” of the Biden administration’s frenzied effort to shore up national cybersecurity, according to another CNN report.
A senior administration official told The Washington Post that the move is intended to set “clear expectations on how responsible nations behave in cyberspace.” The administration has previously broached its concerns with top Chinese authorities, the official said. Once blamed for basic phishing attacks, China has “transformed into a far more sophisticated and mature digital adversary,” The New York Times explains.
A 31-page joint Cybersecurity Advisory issued by three U.S. agencies lays out techniques used by China’s state-sponsored hackers, including exploiting several familiar software vulnerabilities, as GovInfoSecurity reports. Among recommended mitigation steps are timely patching, improved monitoring and other cybersecurity basics.