Here's everything you need to know about ransomware

(CNN)The Biden administration has been debating internally whether and how to impose sanctions on China for its malfeasance in cyberspace, according to people familiar with the matter, as experts question why the White House has not gone further in penalizing China for its alleged hack of Microsoft’s email system in the spring.

The Biden administration and a coalition of international allies accused China on Monday of using “criminal contract hackers” to carry out malicious activities around the world — but stopped short of penalizing Beijing with sanctions or diplomatic expulsions, in stark contrast to how the administration has responded to similar malign behavior by Russia in the past several months.
When the administration in April attributed the massive SolarWinds espionage campaign to Russia’s intelligence services, they simultaneously announced sweeping sanctions on Russian financial and technology companies and expelled 10 diplomats from the Russian embassy in Washington. But the administration took no such punitive action against China on Monday when it accused the Chinese Ministry of State Security of facilitating a massive hack of Microsoft’s email system and other ransomware attacks around the world.

    The disparity prompted questions from cybersecurity experts — including to the White House directly on Monday morning, according to a person familiar with the outreach — as to why they seemed to have pulled their punches with Beijing in a way they hadn’t with Moscow.

      “I do think the lack of sanctions is a problem,” said Adam Segal, an expert on cybersecurity and China at the Council on Foreign Relations. “The Chinese are not going to take a stern warning and suddenly for some reason change their behavior.”

      The response so far, much to the chagrin of some more hawkish officials and experts, has been to just be patient.
      White House press secretary Jen Psaki sought to minimize any distinction between the United States response toward China and Russia after the US and its allies accused China of widespread malfeasance in cyberspace, saying the US is “not differentiating” its response towards the two countries.
      “We are not allowing any circumstance or consideration to prevent us from taking actions where warrant. And also we reserve the option to take additional actions were warrant as well. This is not the conclusion of our efforts as it relates to cyber activities with China or Russia,” Psaki said.
      The administration is under no illusions that international pressure alone will be enough to change China’s behavior, said one person familiar with the ongoing discussions. President Joe Biden on Monday hinted at more to come, telling reporters that “the investigation is not finished.” State Department spokesman Ned Price similarly said during a briefing on Monday that the US is “not ruling out further action should it be merited and should it be appropriate.” No additional action is imminent, however, and the White House is evaluating all options.
      A senior administration official told CNN on Monday that “we have made clear that will continue to take actions to protect the American people from malicious cyber activity, no matter who is responsible. In addition, as we have said, the US and our allies have not ruled out further action.” The official added that the administration is making clear to China that “as long as China continues its pattern of irresponsible malicious cyber activities, we will continue to work with our allies and partners to call them out, promote network defense and cybersecurity, and take action to disrupt threats to our people.”
      Cybersecurity experts said one option available to US officials is an executive order, signed during the Obama administration, that permits the US government to sanction the beneficiaries or facilitators of industrial espionage via cyber intrusion. The order is still on the books and can be invoked at any time.
      Before issuing any sanctions, US officials would engage in a detailed, interagency process to weigh the risks of possible blowback as well as the likelihood of the action changing Chinese behavior, said Christopher Painter, a former senior US cybersecurity official.
      “It’s going to be sustained campaign,” he said, “and you’re going to have to use a lot of different tools. And sanctions have to be in that tool list.”
      An administration official involved in the deliberations separately told CNN that “today, we did as much as we were willing to do for the time being, which is to unseal indictments and name and shame.” He was referring to an indictment the Justice Department unveiled Monday that accuses China’s Ministry of State Security of relying on a front company to carry out cyberattacks.
      The official said there were discussions underway about potential sanctions, and said that the threat of economic consequences is what got Chinese President Xi Jinping to the table with President Barack Obama in 2015, where they reached a joint cyber “understanding” to try to curb corporate espionage.
      But he cautioned that no consensus had been reached.
      “The economic reality is that we are far more entangled with China than we are with Russia, and we have far less room to countenance sanctions,” he added.
      The same is true of many of the US’ key allies, with whom the Biden administration prefers to coordinate major foreign policy actions.
      NATO, the United Kingdom and the European Union joined the US on Monday in condemning China, and Americcan officials said the united front on display on Monday was itself a signal to Chinese officials that their behavior was out of line.
      “Part of the appeal of having such a broad coalition is, it kind of lays down clear markers for what responsible behavior in cyberspace should be,” said Alexis Serfaty, a senior analyst at Eurasia Group, a political risk consulting firm. “It’s safe to say it’s an unprecedented level of coordinated response.”
      But US officials also privately acknowledged that getting the same group of counties on board with new sanctions would be a much more challenging initiative for the United States, if the Biden administration decided upon that course of action.
      Nations like Germany and Italy have sometimes balked at such public displays of condemnation of China because of how intertwined their economies are with Beijing. At last month’s G7 summit in England, leaders from Europe initially showed resistance to calling out some of China’s human rights abuses in a final statement. Japan has also historically avoided public condemnations of Beijing given its important regional relationship with China.
      Officials characterized Monday’s announcement as a first step in challenging China’s cyber aggressions that did not preclude additional actions like sanctions. Among American officials’ chief objectives was to gather international support for the move, hoping that by including countries in Europe and Asia in the announcement it would project a unified front to Beijing.
      Getting so many countries and allies to support the condemnation is a significant diplomatic victory, said Painter.
      “Look at NATO’s membership,” he said. “There are a lot of EU countries, and countries not in the EU, where they have complex relationships with China themselves. Getting NATO as a whole to say yes — I think it’s a big deal.”
      The administration hopes to maintain that united front moving forward. Amid calls for sanctions or other punitive steps against China, Price suggested on Monday that the US would prefer any future actions against China to be coordinated with allies as well.

        “We know that we can’t change the PRC’s malicious cyber activity on our own,” Price said, referring to the formal name for the nation, the People’s Republic of China. He added that “we know we are going to be more effective, especially in these areas in which our relationship is competitive or adversarial, as it may be in this realm, when we bring along our closest allies and partners.”
        The senior administration official echoed that, telling CNN, “The key piece for us here was getting buy-in from an unprecedented group of allies, including NATO, which for the first time made an attribution to China.” The official said the joint statement highlighted “the degree to which we are getting countries around the world to increasingly recognize that there is power in collective defense and that working together will be far more effective in countering this activity.”
        Source: Read Full Article