Steven Senne / AP
BEIJING – China accuses the United States of launching cyber attacks against the Chinese government, scientific, aeronautical and other technical institutions over the past 11 years.
The finger pointing comes the day after the United States launched similar accusations against China, an exchange of blame that threatens to make cybersecurity yet another flaw in an already rocky US-China relationship.
“Stop pouring dirty water,” Zhao Lijian, spokesperson for China’s Foreign Ministry said at a press briefing Tuesday, referring to the United States and its allies. He added that these allegations “are based on nothing” and “serve only for political purposes of defamation and suppression. [China]. ”
Zhao countered that the United States launches the highest number of cyberattacks in the world each year, citing a 2020 report by the Chinese Internet security company 360 that allegedly named the Central Intelligence Agency as guilty of hacking businesses and d key Chinese government institutions for more than a decade.
Beijing’s accusations were part of a coordinated pullback against U.S. claims that China was behind a cyberattack earlier this year that compromised tens of thousands of Microsoft Exchange email accounts.
China says it played no part in Microsoft’s hack
A day earlier, the US Department of Justice also indicted four Chinese citizens of the secret Chinese Department of State Security who allegedly hacked the computer networks of dozens of businesses, universities and government entities.
China was quick to deny being behind the Microsoft hack.
“The United States has repeatedly launched baseless attacks and malicious defamation against China on cybersecurity,” tweeted Liu Pengyu, spokesperson for the Chinese embassy in Washington. He called the charges “just another old thing, with nothing new in it.”
Last March, Microsoft reported that at least 30,000 customers were affected by a hack that allowed outsiders to access the company’s email and calendar service through a software flaw previously unknown to the company. business. Volexity, the cybersecurity company that first discovered the Exchange breach, and Microsoft concluded the attacks originated in China and appeared to be state sponsored.
The public accusations from the United States have been timed to coincide with a broader condemnation of cyber attacks from China, through separate statements released by NATO, the European Union, Australia, New Zealand and Japan – indicating renewed interest under the Biden administration in combating Chinese piracy.
The United States’ cybersecurity efforts were previously primarily focused on Russia, which coordinates both state-sponsored attacks and refuses to prosecute cybercriminals, such as ransomware hackers who target Americans.
More recently, hackers suspected of being led by Russian state intelligence were behind the SolarWinds cyberattack, wiretapping the eponymous software used by many US government agencies and large US companies. .
“Malicious cyber activities that could potentially undermine the foundations of democracy embodied in a free, fair and secure cyberspace cannot be tolerated,” Foreign Press Secretary Tomoyuki Yoshida said in a statement, adding that Japan “strongly supports” the corresponding statements from the United States and the United Kingdom. slandering the hacks backed by China.
China works to strengthen its own safeguards
China’s Foreign Ministry has offered no evidence beyond the security report to substantiate its allegations of CIA-sponsored hacking. But the allegations reflect the heightened concern of Chinese leaders that foreign powers, especially the United States, can access the digital information of Chinese citizens and turn it into weapons.
Therefore, Chinese lawmakers have introduced new measures to protect the storage and access to digital information generated within its borders. For example, a new data security law that comes into force in September restricts data operations considered a risk to national security.
Beijing is particularly interested in protecting the enormous treasures of personal data that the country’s powerful private tech companies collect from millions of online users in China every day. The country is already requiring multinational companies like Apple to store the iCloud data of its Chinese users in China.
More recently, Tesla came under pressure from Chinese regulators who feared that the American company’s battery-powered cars could use the hundreds of cameras and sensors installed on the vehicle for spy purposes. In April, Tesla announced it would build a new data center in China to store data from vehicles sold on the mainland.
This month, newly empowered regulators launched a massive investigation into Chinese ridesharing platform Didi Chuxing just days after the company went public in New York City, citing concerns that the platform could expose Real-time location information and passenger records to US securities regulatory authorities.
China has also emerged as a formidable competitor alongside Russia in the area of piracy, with state-run hackers rapidly recovering amounts of commercial intellectual property from U.S. companies over the decades.
In 2013, then-President Barack Obama urged Chinese leader Xi Jinping to put in place “common rules of the road” to prevent digital theft. The two countries reached an agreement in 2015 that they would mitigate cyber attacks and investigate cybercrime originating from their borders.
Three years later, the fragile truce was already broken, according to US intelligence officials, who said China had reduced the number of cyber attacks against targets on US soil but had not completely stopped them.
Amy Cheng contributed to Beijing research