US confronts hacking by China
PBC News: Just as it plans to begin retaliating against Russia for the large-scale hacking of American government agencies and corporations discovered late last year, the Biden administration faces a new cyberattack that raises the question of whether it will have to strike back at another major adversary: China.
Taken together, the responses will start to define how President Joe Biden fashions his new administration’s response to escalating cyberconflict and whether he can find a way to impose a steeper penalty on rivals who regularly exploit vulnerabilities in government and corporate defences to spy, steal information and potentially damage critical components of the nation’s infrastructure.
The first major move is expected over the next three weeks, officials said, with a series of clandestine actions across Russian networks that are intended to be evident to President Vladimir Putin and his intelligence services and military but not to the wider world.
The officials said the actions would be combined with some kind of economic sanctions — though there are few truly effective sanctions left to impose — and an executive order from Biden to accelerate the hardening of federal government networks after the Russian hacking, which went undetected for months until it was discovered by a private cybersecurity firm.
The issue has taken on added urgency at the White House, the Pentagon and the intelligence agencies in recent days after the public exposure of a major breach in Microsoft email systems used by small businesses, local governments and, by some accounts, key military contractors.
Microsoft identified the intruders as a state-sponsored Chinese group and moved quickly to issue a patch to allow users of its software to close off the vulnerability.
But that touched off a race between those responsible for patching the systems and a raft of new attackers — including multiple other Chinese hacking groups, according to Microsoft — seeking to exploit the holes in the system while they could.
The US government has not made public any formal determination of who was responsible for the hacking, but at the White House and on Microsoft’s campus in Redmond, Washington, the fear is that espionage and theft may be a prelude to far more destructive activity, such as changing data or wiping it out.
The White House underscored the seriousne