What is important: How big of a deal is it that the US and its foreign allies are accusing China of widespread misdeeds in cyberspace?
BF: It's a pretty important thing. One is that the Biden administration has been more focused on Russian hacking than Chinese hacking up to now and this has raised awareness of the dangers of Chinese cyber activity. Another reason is that while the previous US administrations were willing to speak out against China hacking, it's notable that the US had so many countries and allies involved this time around.
This is the first time NATO has condemned Chinese cyberattacks. There are many NATO members that have complicated relations with China Cybersecurity experts are of the opinion that the US was able to present an unifying front. This coordinated accusations also set the stage for possible future sanctions.
What's important: A Chinese official said to CNN that China's activities include "cyber-enabled theft, crypto-jacking and theft from victims across the world to make money" and ransomware-related attacks. How serious are these crimes?
BF The ransomware we've seen with the case of oil pipelines and meatpacking can be a major issue in the present. If not addressed promptly it could cause serious damage. Crypto-jacking, the use of malicious software to take a computer's resources and quietly generate cryptocurrency, isn't as well-known but shows how creative hackers can be in making a profit from their victims.
Monday's Biden administration described the actors as "criminal contract hackers" who hack for Beijing but also for their personal profit.
What's important: Biden stated that he will not be imposing sanctions on China as his team continues to investigate the extent of Beijing's actions. What's the process for these investigations and why takes so long?
BF: Hackers can use cloud-based servers as well as virtual private networks and other methods to disguise their location, making it difficult to trace cyberattacks back to its origin. Experts typically have to employ sophisticated techniques for forensics, such as analysing code fragments and searching for patterns, to make an educated guess as to who is responsible. Even then, officials usually claim that they did not attribute the attack to any particular group by affirming how confident and secure they are.
American officials said that they believe Chinese state-sponsored hackers were responsible for the hacking of Microsoft Exchange.
What's important is: What kind of vulnerabilities have the cyberattacks against the US exposed?
BF Most of the time, the same types of vulnerabilities that security experts have long warned about. According to the Department of Homeland Security, Chinese hackers have attempted to conduct surveillance on targets in the fields of aerospace and defense, education, government health care manufacturing and other crucial sectors of the economy. In many instances, Chinese hackers are accused of attempting to steal intellectual property and trade secrets -- and as part of the announcement this week the Justice Department indicted several more suspected Chinese hackers for doing exactly that.
What is important is: What should people be aware of as they move forward?
BF: US officials are urging companies and organizations to keep their systems and software up-to date and to create plans for emergencies in the event they are hacked, and to keep offline backups that they can use to recover from ransomware attacks without paying the hackers.
Keep an eye out for further punitive actions taken by the US and its allies toward China and any impact that this might have on the vital and complex economic relations between these two countries.
No comments yet