US, China trade hacking claims on new cyberspace rivalry front

Cyberspace has become the latest front in tensions between China and the United States, with each accusing the other of widespread hacking.

The war of words between the two largest economies started on Monday when the US and its allies said cyber actors working with China’s Ministry of State Security had sponsored a massive hack of the Microsoft Exchange email software.

Beijing hit back, rejecting the claims and accusing the US of “indiscriminate eavesdropping across the world”.

“The US mustered its allies to accuse China unreasonably over cybersecurity issues,” Chinese foreign ministry spokesman Zhao Lijian said on Tuesday.

“This is purely political to discredit and suppress China, and China will never accept it.”

Zhao said China resolutely opposed cybercrime and the US allegations lacked “a complete chain of evidence”.

“In fact, the United States is the world’s largest source of cyberattacks,” he said.

Citing a report from Chinese tech company Qihoo 360, Zhao said that for 11 years the CIA’s APT-C-39 cyberattack organisation had targeted Chinese aerospace research institutions, its petroleum industry, large IT companies, and government agencies.

And the US’ eavesdropping targets included not only its competitors but also its allies, he said.

“What I want to emphasise is that a small number of countries cannot represent the international community. To discredit others cannot whitewash themselves,” Zhao said.

Zhao’s comments came after the US Department of Justice said it had charged four mainland Chinese with establishing a front company – Hainan Xiandun Technology Development – to carry out cyberattacks against users in 12 countries.

Britain, Australia, Canada, New Zealand, the European Union and Nato also took aim at China over cybersecurity breaches.

Without blaming the Chinese government, the EU urged Chinese officials to rein in “malicious cyber activities undertaken from its territory”. Nato said it was willing to maintain a constructive dialogue with China.

Microsoft says Chinese hackers used flaws in its software to steal emails

In response, the Chinese diplomatic mission to the EU said “a certain country in the West” had long conducted “massive” eavesdropping, even on friendly countries.

“For years, a certain country in the West has abused its technological advantages for massive and indiscriminate eavesdropping across the world, even on its close allies,” it said, in an apparent reference to the US eavesdropping on European leaders, including German Chancellor Angela Merkel.

“At the same time, it has boasted of being the guardian of cybersecurity, attempted to manipulate and push around its allies to form ‘small circles’ and repeatedly smeared and attacked other countries on cybersecurity issues.

“Such practices fully expose its double standards and hypocrisy. It is also worth noting that Nato has made repeated and groundless accusations against China, attempting to break its geographical and sectoral constraints under the guise of cybersecurity and other issues.”

It said China was a major victim of cyberattacks, with tens of thousands of overseas malware servers – many of them in Nato countries – attacking millions of Chinese computer “hosts”.

The attacks had severely harmed national security, economic and social development, as well as people’s lives, the mission said.

Chinese diplomatic missions in Norway, Canada, Britain, New Zealand and the US issued similar statements.

Yu Xiaoqiu, an international affairs expert in Beijing, said Europe and the United States had joined forces in an increasingly fierce war of public opinion on cyberspace security.

“China and the US have great differences from the perspective of information and cyberspace governance issues,” Yu said.

Lu Xiang, a researcher on China-US relations with the Chinese Academy of Social Sciences, said the US allegations were part of its strategy to suppress China, and the two sides needed to discuss cyber issues.

“I think that the two sides need to sit down and have a good talk, as China is also a victim of cyberattacks and two sides share common threats in cyberspace,” Lu said.

The administration of former US president Donald Trump last year launched a “Clean Network” initiative to exclude Chinese network equipment, software and services from internet infrastructure used by the US and other nations.

The Chinese government responded by unveiling its own global data security initiative outlining issues that include handling of personal data and surveillance.