ICYMI: Microsoft Warns of Ransomware Hacks as SharePoint Fallout Grows

Jul 25, 2025, 9 min

Episode description

Microsoft Corp. said a Chinese hacking group is exploiting security vulnerabilities in the company’s SharePoint servers to deploy ransomware, following a cyberattack discovered last week that has affected hundreds of entities around the world. The group, which Microsoft has named Storm-2603, has a history of waging ransomware attacks, which use malicious software to lock down computers and render them inoperable. Ransomware groups usually then demand payment from their victims to unlock the computers.

Jennifer Ewbank, a veteran CIA operations officer who rose to become Deputy Director for Digital Innovation, now advises companies and clients on cyber resilience, digital transformation, and geopolitical risk through her company, Andaman Strategic Advisors. Jennifer examines today's pressing national security and tech issues, including the Microsoft SharePoint breach, with Tim Stenovec and Carol Massar on Bloomberg Businessweek Daily.

Transcript

Speaker 1

Bloomberg Audio Studios, Podcasts, Radio, News. You're listening to Bloomberg Businessweek with Carol Massar and Tim Stenovec on Bloomberg Radio. We begin this hour with the latest on the fallout from the Microsoft SharePoint security issue. Microsoft saying that a Chinese hacking group exploiting security vulnerabilities in the company's SharePoint servers to deploy ransomware follows a cyber attack discovered last week. Carol, this cyber attack has affected hundreds of entities around the world, including about four hundred government agencies, corporations, and other groups. That's according to estimates from the security firm Eye Security, including the National Nuclear Security Administration.

Speaker 2

That's right, that US agency is responsible for maintaining and designing the nation's cache of nuclear weapons, that was among those breached. For more, let's bring in Jennifer Ewbank. She's the founder of Andaman Strategic Advisors. They advise companies and clients on cyber resilience, digital transformation, and geopolitical risk. She spent, great background, more than three decades in tech, intelligence and national security, and served as the Deputy Director of the CIA for Digital Innovation from twenty nineteen through twenty twenty four. She joins us from Virginia. So great to have you with us. We've been dying to kind of do a little bit of a deeper dive into this story. This was a serious attack. I am curious about how you are seeing it and kind of the level that it seemed to be able to penetrate.

Speaker 3

Yeah, it's a great question, and thanks for the invitation today, Carol. You hit the high points in the introduction. I think that's really important. But I'm going to just shape it slightly differently and say that I think we'll look back on this breach as one of those milestone ones where you measure the developments of strategic attempts to infiltrate our networks and our systems. We'll look back on it like SolarWinds, like the Exchange Server

Speaker 4

compromise in twenty twenty one.

Speaker 3

So what is most interesting to me here is that this looked like an espionage operation, classic espionage to collect information, sensitive data, intellectual property, you name it, launched by three government-affiliated entities, and then, as you mentioned, just about six days ago, it has flipped to ransomware. One of those three entities has started dropping ransomware on affected servers and then, you know, demanding ransom, extortion.

Speaker 4

So this is really something new that we've not seen previously.

Speaker 2

Can I just ask you, China, you know, Microsoft accusing hackers associated with the Chinese government of breaking into computer systems. From your work in the government, is China our friend? And I ask that kind of instantly, naively, but I kind of know the answer. But tell me from a government perspective, how you look at China and how, especially, didn't we just open up Nvidia chips to go back to China? Like, how do you look at what is the right relationship, especially with advanced technology, American technology, how we should be.

Speaker 3

Yeah, that's a really complex question, and I'm going to hit it first from the cyber perspective, since we're talking about this massive breach today. And in terms of cyber capabilities, the People's Republic of China is amongst the most capable, most aggressive, most ambitious, most well-resourced kind of actors anywhere in the world. If you took, and there's a scale issue here, if you took all of the cyber actors affiliated with the Chinese government, it probably outnumbers everything the US and all of our allies could bring to the fight together. The scale is really huge. And these three entities that have been identified by Microsoft are two, the names don't really matter to all the viewers perhaps, but Linen Typhoon and Violet Typhoon, they've been seen for a long time. They're considered advanced persistent threats. They have their own APT moniker numbers. The other is Storm-2603, if I'm not mistaken, 2603, and that's less visible, and it hints at this ecosystem that has taken shape in the People's Republic of China, where they have scaled their cyber operations globally by tapping into contract hackers.

So each of these government entities in each province around the country can then reach out to contractors in pretty large numbers. And then the other interesting thing in that is that within that contractor ecosystem are also criminal actors. So there's this weird overlap between government contract entities and criminal entities such that the lines are becoming blurred. And that's one of the really interesting things about this particular breach, because we're seeing what looked like classic espionage, sort of government on government, or China, of course, considers commercial espionage to be national security operations, so collecting on commercial interests, but then flipping to ransomware, that starts to raise questions about what's going

Speaker 1

on here. Jennifer, I've been doing this show with Carol for almost five years at this point, so I can steal a question from you that I know you're thinking about. It's something that you remind us of all the time, Carol, and that's the idea that, wait a second, doesn't the United States do stuff like this as well?

Speaker 4

I'm going to say no, yes, and no.

Speaker 3

Okay, so there's an understanding that in the world today and the world forever, espionage is a reality, and that's generally governments seeking information of strategic value about the plans and intentions of adversaries and competitors around the world. That has generally been within the realm of allowable activity, if you will.

Speaker 4

So if I

Speaker 3

wanted to understand what a hostile government plans to do to harm the United States, and I had the hacking capability to do that, that would generally be, let's say, within the boundaries. What's different is that the PRC has a different approach. They do, as you know, hack US companies on a very large scale. The greatest illegal transfer of wealth in human history has been through IP theft by the People's Republic of China from the United States and companies here.

Speaker 4

That's not something that the US does.

Speaker 3

And when we look at what's happening with this particular breach where you have government sponsored activity that has now in the last six days flipped to be ransomware, that's a whole other area.

Speaker 4

That's definitely something that the US government has not, would not do.

Speaker 2

So I'm going to go back to the second part of my question. Then, you know, we have once again Nvidia is going to be selling chips right into China. So I'm just wondering what, you know, the thinking is, if they're going to build it, build it on US technology, right, like the tech war is on. But what's your observation on this?

Speaker 3

So this is a really interesting one, and I'll try to be very quick about it because it could be deep and weedy here. But in essence, what we're seeing is the emergence of two parallel digital ecosystems around the world. One that's US innovation and our partners and allies around the world, and it's rooted in concepts around democracy. So privacy, we try privacy, data, sovereignty, security, independence, our sovereignty, you name it. Another model, more digital authoritarian, is really modeled around monitoring, controlling societies, and maintaining state power. And that model is disseminating around the world through the infrastructure that the People's Republic of China is selling largely in the Global South, but not exclusively there.

And so it's a long way of saying that I really appreciated the CEO of Nvidia's comments yesterday about how he wanted America to maintain that lead and be the stand because this issue of digital standards is really a battlefield for the future of technological leadership, and technological leadership in this way, in my opinion, is really about global leadership, about superpower status, and we're going to have to lead in digital technology if we want to maintain that global lead more broadly. And so I can see the logic. I'm not saying good or bad, but I can see the logic behind promoting American innovation and standards so that we can weaken the emergence of that, say, parallel digital ecosystem could compete with us.

Speaker 1

Jennifer, we only have ten seconds left. Can you just give us one tip to stay safe in an environment such as this?

Speaker 3

Oh yeah, apply all your patches immediately, rotate your encryption keys if you're affected, and hunt for anything that might be on your systems, and unplug your system if you think you might be affected while you're taking these measures.

Speaker 1

Okay, I said one thing, that's four, but it's okay. We're going to let you encryption keys. I'm going to Google this stuff. Oh thank god encrypted setting.

Speaker 2

Jennifer, come back real soon. This was fabulous. Jennifer Ewbank, founder of Andaman Strategic Advisors, joining us right here on Bloomberg Businessweek Daily.

Transcript source: Provided by creator in RSS feed