China hits back at ‘fabricated’ US hacking allegations

Beijing says Washington’s claims are incomplete and ‘hypocritical’, alleges the US is main source of cyberattacks globally.

Chinese diplomats said the evidence surrounding China’s virtual wrongdoing was incomplete, while calling the US’s allegations 'hypocritical' saying that the US was the main source of hacks globally [File: Kacper Pempel/Reuters]

China’s government has denied being responsible for cyberattacks against Western nations after the United States and its close allies accused it of a global cyberespionage campaign.

The group of nations alleged on Monday that Beijing has been the mastermind behind a series of malicious ransomware, data theft and cyberespionage attacks against public and private entities, including a sprawling hack in March on Microsoft Exchange, a top email server for corporations around the world.

Separately, the US Department of Justice said four Chinese nationals had been charged with hacking the computers of dozens of companies, universities and government bodies in the US and abroad between 2011 and 2018.

China hit back on Tuesday, calling the allegations of a Beijing-supported cyberattack campaign “fabricated” and demanded Washington drop the charges against the four Chinese nationals.

“The United States ganged up with its allies to make unwarranted accusations against Chinese cybersecurity,” foreign ministry spokesman Zhao Lijian told reporters in Beijing. “This was made up out of thin air and confused right and wrong. It is purely a smear and suppression with political motives.”

“China will never accept this,” Zhao said, though he gave no indication of possible retaliation.

Citing what he said was Chinese cybersecurity research, Zhao accused the US. Central Intelligence Agency of carrying out hacking attacks on China’s aerospace research facilities, oil industry, internet companies and government agencies over an 11-year period.

Those attacks “severely compromised” national and economic security, Zhao said.

“China once again strongly demands that the United States and its allies stop cyber theft and attacks against China, stop throwing mud at China on cybersecurity issues and withdraw the so-called prosecution,” he said. “China will take necessary measures to firmly safeguard China’s cybersecurity and interests.”

Earlier, China’s diplomatic missions around the world had rattled out rebuttals, with the Chinese embassy in New Zealand calling the allegations “totally groundless and irresponsible”.

Al Jazeera’s Katrina Yu, reporting from Beijing, said that Chinese diplomats globally were unified in saying that the evidence with regard to China’s virtual wrongdoing was incomplete, while also calling the US’s allegations “hypocritical” and alleging that Washington was the main source of hacks globally.

To put the diplomatic squeeze on Beijing, the United States coordinated its statement on Monday with allies – the European Union, Britain, Australia, Canada, New Zealand, Japan and NATO.

But while a flurry of statements from Western powers represents a broad alliance, hacking experts said the lack of consequences for China beyond the US indictment was conspicuous. Just a month ago, summit statements by G7 and NATO warned China and said it posed threats to the international order.

Some of Monday’s statements even seemed to pull punches. While Washington and its close allies such as Britain and Canada held the Chinese state directly responsible for the hacking, others were more circumspect.

NATO merely said its members “acknowledge” the allegations being levelled against Beijing by the US, Canada and Britain. The EU said it was urging Chinese officials to rein in “malicious cyber activities undertaken from its territory” – a statement that left open the possibility that the Chinese government was itself innocent of directing the espionage.

The US was much more specific, formally attributing intrusions such as the one that affected servers running Microsoft Exchange earlier this year to hackers affiliated with China’s Ministry of State Security. Microsoft had already blamed China.

US Secretary of State Antony Blinken said in the attack was part of a “pattern of irresponsible, disruptive and destabilising behaviour in cyberspace”.

China’s Ministry of State Security, or MSS, “has fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain”, Blinken alleged.

President Joe Biden told reporters the US was still completing an investigation before taking any countermeasures, and drew parallels with the murky but prolific cybercrime attributed by Western officials to Russia.

“The Chinese government, not unlike the Russian government, is not doing this themselves, but are protecting those who are doing it, and maybe even accommodating them being able to do it,” Biden told reporters.

Accusations of cyberattacks against the US have recently focused on Russia, rather than China.

US officials say that many of the attacks originate in Russia, although they have debated to what extent there is state involvement. Russia denies responsibility.

Source: Al Jazeera and news agencies