EU & NATO Agree To Confront The Chinese Cyber Threat

Uploaded on 2021-08-09 in INTELLIGENCE-Hot Spots-China, GOVERNMENT-Defence, FREE TO VIEW

An alliance of NATO members, the European Union, Australia, New Zealand and Japan will confront the threat posed by Chinese state-sponsored cyber attacks. The group will share intelligence on cyber threats and collaborate on network defenses and security, according to a senior Biden administration official.

In its first joint action, the alliance will publicly blame China’s Ministry of State Security (MSS) for a cyber attack on Microsoft Exchange earlier this year, which is believed to have hit at least 30,000 American organisations and hundreds of thousands more worldwide.

The attack was carried out by criminal contract hackers working for the MSS who also engage in cyber-enabled extortion, crypto jacking and ransomware, the official said. Also, the Federal Bureau of Investigation, National Security Agency and the Cybersecurity and Infrastructure Security Agency (CISA) released a new advisory listing 50 tactics, techniques and procedures that Chinese state-sponsored hackers employ.

A Chinese espionage network dubbed Hafnium was named by Microsoft as the attack group. The delay in naming China was partly to give investigators time to assemble the evidence to prove that the Hafnium hackers were on the Chinese state payroll, the official said. It was also important for the United States to act in concert with its allies when it made the public attribution, said the official.

At a time when cyber warfare is becoming the front line in a global power struggle between democracies and autocratic states, the new cybersecurity alliance could become a model for future efforts to confront transnational threats.

The formation of the alliance is intended to build on President Biden’s effort earlier this summer to rally support among NATO and EU allies for a more confrontational approach to China and comes after a number of economic and diplomatic sanctions that the Biden administration has imposed on Beijing this year, in response to alleged human rights abuses in Hong Kong and in Xinjiang province.   Recently, the US sanctioned seven Chinese officials in response to the ongoing crackdown on Hong Kong’s democratic institutions.

The newly launched cybersecurity alliance is focused on cooperative security and threat alerts and not on retaliation.

The White House has raised the Microsoft attacks with senior members of the Chinese government “making clear that the People’s Republic of China's (PRC) actions threaten security, confidence, and stability in cyberspace... We’re not ruling out further actions to hold [China] accountable,” said the senior official, “but we’re also aware that no one action can change the PRC’s behaviour, and neither can one country acting on its own. So, we really focused initially in bringing other countries along with us.”

China Is To Strengthen Cyber Security Regulation

China's Ministry of Industry and Information Technology has published a draft three-year action plan to develop the country's cyber security industry, the market value of all the firms in the sector will be 250 billion yuan ($38.6 billion) by 2023.

  • “Residents in east China’s Shanghai are witnessing and benefiting from the application of a good number of AI and other digital technologies catering for economic and social development, people’s livelihood and other fields”, says the Chinese People’s Daily Online.
  • China’s Guangdong province said it plans to build a common data platform in the Greater Bay area, including Hong Kong and Macau, and a data trading market in Shenzhen. Guangdong will consider establishing a data ‘customs hub’ to review and supervise cross-border data, according to a People’s Government of Guangdong Province statement.  

The Chinese government will “promote the distribution and sharing of data between Guangdong, Hong Kong and Macau, and the use of data to benefit industrial development, social governance and services to people”.
 

CNBC:        PinsentMasons:     Xinhuanet:     Chinese Foreign Ministry:      People's Daily:   Gov.Guangdong:

Cyberspace Affairs Commission:      CNBC

You Might Also Read:  

China’s National Cyber Security Powerhouse Strategy:

 

 

« Looking For Love May Have Unexpected Consequences
Britain & The USA Have Been Spying On Their Friends »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Digital Forensics Inc (DFI)

Digital Forensics Inc (DFI)

Digital Forensics Inc. is a nationally recognized High Technology Forensic Investigations and Information System Security firm

Stormshield

Stormshield

Stormshield is a European leader in digital infrastructure security. We offer smart, connected solutions in order to anticipate attacks and protect digital infrastructures.

BitRaser

BitRaser

BitRaser serves your needs for a managed & certified data erasure solution that can support internal & external corporate audit requirements with traceable reporting.

inBay Technologies

inBay Technologies

inBay Technologies' idQ Trust as a Service (TaaS) is a unique and innovative SaaS that eliminates the need for user names and passwords.

SailPoint

SailPoint

SailPoint provides identity governance solutions with on-premises and cloud-based identity management software for the most complex challenges.

ShiftLeft

ShiftLeft

ShiftLeft is a continuous application security platform, purpose-built for the modern software development life cycle.

Advisera 27001Academy

Advisera 27001Academy

Advisera is a market leader in providing documentation and online support for the implementation of business standards including ISO 27001, ISO 22301 and EU GDPR.

Plug and Play Tech Center

Plug and Play Tech Center

Plug and Play is the ultimate innovation platform, bringing together the best startups and the world’s largest corporations.

Abion

Abion

At Abion (formerly BRANDIT), we empower your business by providing comprehensive brand protection and web security services.

FortifyData

FortifyData

FortifyData is the next generation of cyber risk management–a comprehensive platform that continuously evaluates your third-party, internal and people risks.

Telefonica Global Solutions (TGS)

Telefonica Global Solutions (TGS)

Telefonica Global Solutions is the technological partner of wholesalers and enterprises, helping them to achieve the digitalization they need.

Certihash

Certihash

Certihash have developed the world’s first blockchain empowered suite of information security tools based on the NIST cybersecurity framework.

Veriti

Veriti

Veriti is a unified security posture management platform that integrates with your security solutions and proactively identifies and remediates potential risks and misconfigurations.

Purple Team

Purple Team

Purple Team is an expert cybersecurity and managed security service provider focused on arming your IT infrastructure with both red team and blue team services.

Auriga

Auriga

Auriga create innovative software and have become a benchmark for high quality banking software including cyber security solutions to protect business critical devices.

WIIT Group

WIIT Group

WIIT Group are focused on a single goal: securing our clients’ critical processes and enabling them for digital transformation.