China dismisses Exchange attribution and accuses US of whitewashing its cyber heists

Beijing has labelled the attribution on Monday from a number of Western allies as groundless.
Written by Chris Duckett, Contributor

China has done what was expected of it, and dismissed the Exchange hack attribution made earlier this week by the North Atlantic Treaty Organization (NATO) and a collection of nations, including the United States, European Union, United Kingdom, Australia, Canada, New Zealand, and Japan.

The attribution marked the first time NATO had publicly attributed an attack to China.

Spokesperson for the Chinese Foreign Ministry Lijian Zhao hit back and labelled the United States as the world's top hacking empire.

"The US ganged up with its allies to make groundless accusations out of thin air against China on the cybersecurity issue. This act confuses right with wrong and smears and suppresses China out of political purpose. China will never accept this," he said.

"China firmly opposes and combats all forms of cyber attacks. It will never encourage, support or condone cyber attacks. This position has been consistent and clear."

Naturally, this flies in the face of the attribution made on Monday that accused China of using "criminal contract hackers" for its cyber operations.

"We are aware that PRC government-affiliated cyber operators have conducted ransomware operations against private companies that have included ransom demands of millions of dollars," the White House said.

"The PRC's unwillingness to address criminal activity by contract hackers harms governments, businesses, and critical infrastructure operators through billions of dollars in lost intellectual property, proprietary information, ransom payments, and mitigation efforts."

At the same time, the US Department of Justice (DoJ) charged four members of China's Ministry of State Security for conducting attacks in a "multiyear campaign targeting foreign governments and entities in key sectors, including maritime, aviation, defense, education, and healthcare in a least a dozen countries", including being accused of stealing Ebola virus vaccine research.

In April, DoJ revealed the FBI gained authorisation to remove web shells installed on compromised servers related to the Exchange vulnerabilities.

"Many infected system owners successfully removed the web shells from thousands of computers. Others appeared unable to do so, and hundreds of such web shells persisted unmitigated," the department said at the time.

"This operation removed one early hacking group's remaining web shells which could have been used to maintain and escalate persistent, unauthorised access to US networks."

Nevertheless, China has done what it was expected to do, and accused its accusers of the same thing.

"The so-called technical details released by the US side do not constitute a complete chain of evidence. In fact, the US is the world's largest source of cyber attacks," Zhao said.

"The US is wiretapping not only competitors, but also its allies. Its European allies downplay US moves to use Denmark's intelligence agency to spy on their leaders, while making a fuss about 'China's cyber attacks' based on hearsay evidence. This act contradicts strategic autonomy claimed by Europe.

"I would like to stress that a handful of countries do not represent the international community, and denigrating others doesn't help to whitewash one's own wrongdoings."

The Chinese embassy in Canberra served up a rebuttal of its own, accusing Australia of "parroting the rhetoric" of the US, which it labelled as the "world champion" of malicious cyber attacks.

"Australia also has a poor record, including monitoring the mobile phone of the president of its biggest neighbour country, not to mention acting as an accomplice for the US' eavesdropping activities under the framework of Five Eyes alliance," it said.

"What the Australian government has done is extremely hypocritical, like a thief crying 'stop the thief'."

Citing figures from China's National Computer Network Emergency Response Technical Team, Zhao claimed 5.31 million computers in China were controlled from 52,000 command and control servers outside the Middle Kingdom.

"The US and two of its NATO allies are the top three in terms of the number of computers under their control in China," he said.

More from China

Editorial standards