Why does china hack

Image source, Getty Images. The Microsoft hack affected at least 30, organisations globally. You might also be interested in:. This video can not be played To play this video you need to enable JavaScript in your browser. Nato warns cyber attacks could result in a military land incursion from allies June Related Topics.

China Cyber-attacks Microsoft Cyber-security. In February , American cybersecurity firm Mandiant released a report contending that Unit of the PLA was behind attacks on companies, including in the US. Around the same time, the US Department of Homeland Security provided Internet service providers with the Internet addresses of hacking groups in China. When President Obama and Mr. Obama spoke diplomatically, noting that cyber-espionage was not unique to the US-Chinese relationship. Privately, however, Obama was more forceful, warning Xi that the hacking could severely damage bilateral relations.

It had little effect on Beijing. China has consistently denied responsibility for cyber-espionage. In fact, Xi portrayed China as a victim. Snowden also told the local press that the NSA had hacked mainland Chinese targets, including universities and telecommunications companies. The Chinese press jumped on the allegations. The revelations, at least temporarily, vitiated the diplomatic pressure Washington was putting on Beijing.

After being named responsible for the New York Times hack in February , Unit temporarily curtailed its activities. Yet other groups in China seemed to pick up the slack.

The Chinese government kept up a steady stream of denials, counteraccusations, and claims of victimhood. Moreover, by September, Unit was back doing its mischief again. Throughout these months, Congress searched for ways to raise the cost to China by pursuing a trade case in the World Trade Organization, levying economic sanctions and travel restrictions on suspected cyber spies, and blocking Chinese companies that benefited from espionage from participating in US markets.

As Gen. In the wake of the Snowden revelations and the PLA indictments, Beijing increased its focus on the security of the products it purchased from Microsoft and others. Many of these companies would soon find new barriers to doing business in China. Banks were encouraged to swap out IBM servers for ones from Inspur, a local brand, and government workers in a northeastern city replaced Microsoft Windows with NeoKylin, a Chinese-developed operating system.

Chinese officials in Shanghai and other cities were told to ditch their Apple iPhones for Huawei phones. Then, in January , Beijing circulated regulations that would force foreign technology companies supplying Chinese banks and other critical sectors to turn over secret source code, submit to invasive audits, and build surveillance backdoors into hardware and software.

Chinese officials justified the moves by pointing to the Snowden revelations and to what they saw as similar actions by the US government in blocking market access to Chinese companies. Feuds over spying used to be relatively innocuous.

The hackers compromised 22 million records, including security background checks and data on intelligence and military personnel, as well as the fingerprints of 5. The records could allow Chinese counterintelligence agencies to identify spies working undercover at US embassies around the world.

The US is not the only target of this massive espionage network. Electronic spies are also on the lookout for political information. They also targeted embassies, foreign ministries, and other government offices of Germany, India, Indonesia, Romania, South Korea, Taiwan, and others. By the time Obama welcomed Xi to the White House in September, cyber-espionage was at the top of the diplomatic agenda.

The trip was especially important to Xi to bolster his image with the Chinese public as a strong world leader.

Chinese officials met with their US counterparts numerous times to ensure the visit was not disrupted by protocol errors, such as those that occurred at the summit with President George W.

The state dinner was a lavish affair. A spokesperson for the Chinese Embassy in Washington, Liu Pengyu, called the accusations against China "irresponsible. At an event about the administration's infrastructure plan, U. President Joe Biden told reporters: "My understanding is that the Chinese government, not unlike the Russian government, is not doing this themselves, but are protecting those who are doing it.

And maybe even accommodating them being able to do it. White House spokeswoman Jen Psaki was later asked at her daily briefing why Biden did not directly blame the Chinese government in his response to a reporter's question.

He takes malicious cyber activity incredibly seriously," she said, adding that the White House did not differentiate between Russia and China when it comes to cyber attacks. Also we reserve the option to take additional action," she said.

While a flurry of statements from Western powers represents a broad alliance, cyber experts said the lack of consequences for China beyond the U. Looking ahead, the United States should continue to engage its allies to work toward more specific messaging so that Western democracies present a more consistent view on the boundaries between responsible and irresponsible cyber behavior. The NATO statement stood out because this was the first time the alliance has publicly condemned Chinese cyber behavior.

This is not surprising given sensitivities in Europe to the strategic implications of economic links between EU members and China. However, the weaker attribution language in the EU statement may have provided China with an opportunity to continue exploiting differences in perspectives across the transatlantic alliance about how to address the strategic challenge posed by China.

Also of note, the EU statement specifically referenced the consensus-based norms of responsible cyber behavior that were recently affirmed by UN members, presumably to hold China accountable to agreements to which it has just signed on. In contrast, the U. However, the White House refrained from explicitly linking Chinese cyber activities to the international norms affirmed via the UN.

The conspicuous absence of these UN norms from the U. Finally, while the White House should be commended for pursuing more robust coordinated attribution that identifies problematic behavior and reaffirms international norms, it is not clear what additional responses or punitive measures the United States, alone or together with allies, will seek to impose on China as a result. Some commentators have called for the United States to impose sanctions on China, similar to its response to the SolarWinds hack.

Setting aside the legitimate question of whether sanctions are even a useful policy instrument to address malicious cyber behavior, economic interdependence between the United States and China as well as Europe and China means that the consequences of imposing sanctions on Beijing would be far more significant than sanctions against Russia.

It is also not clear whether the United States has sufficient political capital to convince European states to sign onto Chinese sanctions. That said, statements about norms without meaningful enforcement will do little to make cyber norms viable over the long term.

Therefore, President Joe Biden and his administration should soon convey to the American people, allies and partners, and adversaries some information about how the United States intends to enforce these norms.