Commenting on HR/VP Borrell’s declaration against malicious cyber activities from China, Reinhard Bütikofer, AFET coordinator of the Greens/EFA group in the European Parliament, says:
“Criminal Chinese hackers have been identified as responsible for malicious cyber activities, which have resulted in security risks and economic loss for Europe and others. It is welcome that HR/VP Borrell united with other like-minded international partners in publicly calling out this destabilizing and irresponsible behaviour in cyberspace. It is, however, deplorable that Mr Borrell cannot agree with US Secretary of State Blinken, for instance, on where to lay the blame. This lack of clarity undermines the effect of concerted international efforts. The US government has stated that “[t]he PRC’s Ministry of State Security (MSS) has fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain”. The US government has confirmed that “cyber actors affiliated with the MSS exploited vulnerabilities in Microsoft Exchange Server”, and has stated that “[t]hese contract hackers cost governments and businesses billions of dollars … all while the MSS had them on its payroll.”
None of these attributions are to be found in Mr Borrell’s declaration. This raises a number of questions that Mr Borrell should be quick to answer: Does the US know more than the EU does? Does Mr Borrell believe that not stating some facts might be diplomatically advantageous? Does the EU’s statement imply that the US criticism goes too far? Does the reluctance to share the US criticism signal EU timidity vis-à-vis Beijing?”