President Biden announced that the U.S. has a high degree of confidence that Chinese hackers targeted Microsoft in the scandalous hack. However, he did not lay out any plan to retaliate after the Chinese cyber hacks.
“The PRC’s pattern of irresponsible behavior in cyberspace is inconsistent with its stated objective of being seen as a responsible leader in the world,” the White House said in a statement. (Story continues beneath video.)
“Today, countries around the world are making it clear that concerns regarding the PRC’s malicious cyber activities is bringing them together to call out those activities, promote network defense and cybersecurity, and act to disrupt threats to our economies and national security.”
Calling out, but — thus far, no substantive retaliation, though Biden did announce there would be criminal charges for the four government-sponosored hackers.
“DOJ documents outline how MSS hackers pursued the theft of Ebola virus vaccine research and demonstrate that the PRC’s theft of intellectual property, trade secrets, and confidential business information extends to critical public health information,” the White House said.
“Much of the MSS activity alleged in the Department of Justice’s charges stands in stark contrast to the PRC’s bilateral and multilateral commitments to refrain from engaging in cyber-enabled theft of intellectual property for commercial advantage.”
Biden did say, at least, that they were working to clean up the mess and prevent future attacks, though we haven’t seemed to be successful in that regard so far.
“In the past few months, we have focused on ensuring the MSS-affiliated malicious cyber actors were expelled from public and private sector networks and the vulnerability was patched and mitigated to prevent the malicious cyber actors from returning or causing additional damage,” the White House said in a statement.
“The United States will continue to take all appropriate steps to protect the American people from cyber threats. Following Microsoft’s original disclosure in early March 2021, the United States Government also identified other vulnerabilities in the Exchange Server software. Rather than withholding them, the United States Government recognized that these vulnerabilities could pose systemic risk and the National Security Agency notified Microsoft to ensure patches were developed and released to the private sector. We will continue to prioritize sharing vulnerability information with the private sector to secure the nation’s networks and infrastructure.”