image
The federal government is fighting back against what it says are China-based cyberattacks against U.S. universities and companies with indictments and a “naming-and-shaming” approach — but researchers aren’t convinced the efforts will come to much in terms of deterring future activity. On Monday, the White House released an official statement announcing its attempt to push back against “irresponsible and destabilizing behavior in cyberspace.” The European Union, the United Kingdom, and NATO countries also announced it will join the U.S. in “exposing and criticizing [China’s] malicious cyber-activities,” the White House statement added. The statement also formally attributed the widespread Microsoft Exchange zero-day exploitation to the China’s Ministry of State Security. The U.S. Cybersecurity and Infrastructure Agency (CISA), the Federal Bureau of Investigation (FBI) and the National Security Administration (NSA) released multiple advisories providing details about cybersecurity threats from the Chinese government, and announced the indictments of four Chinese nationals alleged to have been operating on behalf of the Chinese Hanian State Security Department. The indictments allege the four Chinese Hainan State Security Department (HSSD officers), were behind the advanced persistent threat group APT40: Including Ding Xiaoyang, Cheng Qingmin and Zhu Yunmin, as well as Wu Shurong, who allegedly wrote and targeted malware against universities, governments and companies across…

Source