Skip to content
The Morning Dispatch: Standing Up to China on Cyber
Go to my account

The Morning Dispatch: Standing Up to China on Cyber

The U.S. and its allies publicly condemn Beijing’s campaign of malign activity.

Happy Tuesday! If you just don’t look at your stocks, the Dow dropping 700 points yesterday can’t hurt you.

Quick Hits: Today’s Top Stories

  • The Biden administration said Monday that some Afghan nationals who aided the U.S. in the Afghanistan war will be housed temporarily at Fort Lee, Virginia, pending their final visa approval.

  • Ariel Henry, who was appointed acting prime minister of Haiti by former Haitian President Jovenel Moïse before the latter was assassinated earlier this month, will take power in Haiti today after the former acting prime minister, Claude Joseph, agreed to step down Monday. Joseph had argued that Henry had no standing to step in as interim leader, as he had not been sworn in at the time of Moïse’s killing.

  • The Biden administration on Monday announced a new joint effort with a host of other NATO states to denounce and work to contain Chinese state-sponsored cyberattacks. In its first action, the coalition publicly blamed China for a mammoth attack on Microsoft Exchange email servers back in March.

  • House Minority Leader Kevin McCarthy on Monday announced his five appointees to serve on the Democrat-led January 6 select committee: Reps. Jim Banks, Jim Jordan, Rodney Davis, Kelly Armstrong, and Troy Nehls. Three of the appointees voted against certifying the 2020 presidential election in at least one state, and two did not.

  • Paul Allard Hodgkins of Tampa, Florida, on Monday became the first person to be sentenced for a felony related to his actions at the January 6 Capitol riot. Hodgkins, who pleaded guilty to one count of obstructing an official proceeding, was sentenced to eight months in prison, with the judge citing his apparently sincere repentance and lack of a prior record as ameliorating factors in his judgment.

  • Canadian officials announced Monday that, starting August 9, fully vaccinated Americans will once again be able to cross the northern border without quarantining. The White House, however, did not commit to reciprocating the move when asked Monday.

  • The Biden administration transferred a Moroccan man, Abdul Nasser, out of the Guantanamo Bay detention camp on Monday, marking the first such transfer of Biden’s term. Thirty-nine prisoners now remain at the facility, 28 of whom have never been charged with a crime. White House press secretary Jen Psaki told reporters that “our goal is to close Guantanamo Bay,” but declined to offer a specific timeline for transferring the remaining detainees.

  • Pedro Castillo, a far-left union activist and former schoolteacher, was declared Peru’s president-elect on Monday night, six weeks after votes were cast.

Standing Up to China on Cyber

(Photo by Noel Celis/AFP/Getty Images.)

The United States and other democratic countries worked in concert to publicly condemn Beijing’s campaign of malign cyber activity for the first time yesterday, attributing an extensive breach targeting Microsoft’s email servers to hackers working on behalf of China’s Ministry of State Security (MSS). A series of press releases—from the U.S., the European Union, Japan, Australia, and others—laid the groundwork for defensive initiatives to counter China’s “pattern of irresponsible, disruptive, and destabilizing behavior in cyberspace.” 

The Microsoft Exchange hack, one of the largest of its kind, left tens of thousands of customers vulnerable to ransomware in a cyber intrusion exceptional in its breadth and exposure of victims to vast criminal networks. 

“Responsible states do not indiscriminately compromise global network security nor knowingly harbor cyber criminals—let alone sponsor or collaborate with them,” Secretary of State Antony Blinken said in a statement Monday. “These contract hackers cost governments and businesses billions of dollars in stolen intellectual property, ransom payments, and cybersecurity mitigation efforts, all while the MSS had them on its payroll.” 

“In line with our recent Brussels Summit Communiqué, we call on all States, including China, to uphold their international commitments and obligations and to act responsibly in the international system, including in cyberspace,” a NATO press release read. “We also reiterate our willingness to maintain a constructive dialogue with China based on our interests, on areas of relevance to the Alliance such as cyber threats, and on common challenges.”

While a senior administration official told reporters that the U.S. and allies are “not ruling out further actions to hold the [People’s Republic of China] accountable,” the White House has yet to formally articulate what its response may look like.

Asked by reporters yesterday, President Biden justified his administration’s lack of sanctions thus far by claiming the investigation isn’t finished: “They’re still determining exactly what happened.”

“My understanding is that the Chinese government, not unlike the Russian government, is not doing this themselves, but are protecting those who are doing it, and maybe even accommodating them being able to do it,” he added—an apparent break from Blinken and other officials’ statements linking the Microsoft hack directly to government actors.

But ambiguity surrounding the way in which Chinese state actors conduct attacks may account, at least in part, for the administration’s mixed messaging. The provenance of cyber activity from a country like North Korea, for example, tends to be easier to pin down given government involvement in most of its hacking enterprises.

“What you’re seeing in China is that, during the day, the cyber actor is a government contractor, and so they’re doing their hacking on behalf of the Ministry of State Security. But when they go home that night, they do freelancing cyber criminal activity,” Chris Krebs—former director of the Cybersecurity and Infrastructure Security Agency and partner at Krebs Stamos Group—told The Dispatch. “Unfortunately, given that it’s the same person or same group doing different types of activity, that can actually lead to a destabilizing effect in cyberspace.”

A 31-page report released by the National Security Agency, Cybersecurity and Infrastructure Security Agency, and Federal Bureau of Investigation yesterday endeavored to cut through some of the confusion by shedding light on how criminal contract hackers conduct their operations. This information, Krebs said, could counter Chinese government cyber aggression by dispersing more “actionable material” to cybersecurity experts in both the public and private sectors. 

In conjunction with the report, the Biden administration laid out five “modernization efforts”—better logging practices, using a secure cloud environment, upgrading security software, multifactor authentication and encryption technologies, and improved endpoint security—aimed at protecting American agencies, corporations, and infrastructure from possible breaches.

But these undertakings are largely focused on defense over deterrence, which some experts argue doesn’t go far enough. “In all of their public announcements over the last several weeks, the administration is emphasizing future-oriented, bureaucratic changes and responses—which are important and necessary, but they’re not sufficient,” Klon Kitchen, a national defense and cybersecurity expert at the American Enterprise Institute, told The Dispatch.

“The problem is that we haven’t materially changed China or Russia or North Korea or Iran or others’ strategic calculus in terms of their willingness to conduct these types of operations against us,” he continued. “And that is what needs to change. We need to dissuade, we need to deter, this kind of blatant activity.”

The Justice Department announced the indictment of four Chinese nationals yesterday, including three intelligence officers, for a “campaign to hack into the computer systems of dozens of victim companies, universities and government entities.” While the release made no mention of the Microsoft Exchange server hack, additional indictments could be one way to impose costs on the Chinese government for its malign cyber activity. 

Further efforts, like sanctioning the companies contracting to MSS or closing Chinese corporations built via intellectual property theft out of the global economy, could also begin the process of establishing deterrence.

But for now, the unprecedented move by the U.S. and its allies to identify and detail Beijing’s destabilizing actions appears to be a step in the right direction. 

“The fact that we have an alert with attribution to China—with that byline, with NATO, with our allies in Europe, with the Five Eyes countries—that in and of itself I think is a remarkable pronouncement. It signals quite a significant shift in how the liberal democracies are viewing China,” Krebs said. “Something has absolutely changed in the last two years.”

Worth Your Time

  • When Joe Biden took office earlier this year, he carried into the White House an implicit pledge to make governing boring again—sweeping out the Trump administration’s carnival of oddities and Fox News stalwarts and repopulating the executive branch with the glossiest insiders the D.C. Democratic establishment had to offer. The lord of these insiders is Biden’s chief of staff Ron Klain, who formerly served in the same role for two vice presidents: Al Gore and Biden himself. This profile of Klain, from the New York Times’s Mark Leibovich, provides a window into what life on the inside is like: “Ron Klain, who after a few near misses finally achieved his career-long goal of becoming the White House chief of staff, will turn 60 this summer … Plans for his 60th have become such a source of Beltway status anxiety that a small universe of Washington strivers is angling for details: Some have asked White House contacts whether a celebration is in the works and if invitations have gone out.” 

  • Over at National Review, Andy McCarthy argues for the appropriateness of Paul Allard Hodgkins’s eight-month sentence for his small role in the January 6 Capitol riot, which reflects both the horror of the assault and the way in which the mob mentality of the day swept up plenty of people who had no real intention of attempting to stage any sort of coup. “Here, for all their huffing and puffing, the prosecutors urged an 18-month sentence. Such a recommendation would, of course, be inconceivably paltry in an actual case of terrorism or insurrection,” McCarthy writes. “Yet, Judge Moss properly concluded that the Justice Department’s recommendation was more than twice as harsh as what Hodgkins’s behavior merited. That doesn’t mean Moss was dismissive of the riot. In imposing sentence, he pointed out that Hodgkins had joined a mob that threatened the Capitol and undermined democracy—‘damage,’ the court observed, ‘that will persist in this country for decades.’ Still, the judge illustrated that one can be appropriate condemnatory of what happened on January 6 without being swept away by a demagogic political narrative.”

  • Republican pollster (and friend of The Dispatch) Kristen Soltis Anderson joined the FiveThirtyEight Politics Podcast yesterday for a discussion of her recent survey on the state of political parties in the United States. Based on Anderson’s analysis, 42 percent of the country is both culturally and economically conservative, and 39 percent of the country is both culturally and economically liberal. Fourteen percent, however, is culturally conservative and economically liberal, and six percent is the reverse: culturally liberal and economically conservative. Have these factions existed for a while, or are they a more recent development? Is this splinter large enough to support a multiparty democracy? Tune in to find out.

Presented Without Comment

Also Presented Without Comment

Toeing the Company Line

  • Brian Reidl adds up the trillions that congressional Democrats have spent or want to spend over the next decade—$3.5 trillion on “human infrastructure,” $600 billion in new spending on traditional infrastructure, $1 trillion on new discretionary spending, another $1 trillion on programs with fake expiration dates, plus the COVID relief bill that passed in March. “How much is $8 trillion? Enough for Washington to deposit $60,000 into each family’s bank account. Or permanently eliminate the employee side of the payroll tax. Or permanently cut income taxes by one-third. Instead, it would go to a grab bag of expensive government expansions.”

  • Ryan Hooper spent all of last year teaching in-person and managing COVID protocols. He argues that while some of the mitigation measures were necessary then, too many districts this year will continue with unnecessary and costly protocols. Some, like masks, are disruptive to the learning process.

Let Us Know

Jeff Bezos is about to be en route to space aboard his company’s Blue Origin rocket. Virgin Galactic founder Richard Branson did something similar last week.

If you had ungodly amounts of money, what hobby would you spend billions of dollars on?

Reporting by Declan Garvey (@declanpgarvey), Andrew Egger (@EggerDC), Charlotte Lawson (@charlotteUVA), Ryan Brown (@RyanP_Brown), Harvest Prude (@HarvestPrude), Tripp Grebe (@tripper_grebe), Emma Rogers (@emw_96), Price St. Clair (@PriceStClair1), Jonathan Chew (@JonathanChew19), and Steve Hayes (@stephenfhayes).