China claims it has “irrefutable evidence” that the U.S. National Security Agency (NSA) launched a two-year cyberattack campaign on China’s National Time Service Center (NTSC).
In a WeChat post, China’s Ministry of State Security (MSS) said an attack on the high-precision keeper of “Beijing Time” could have led to “network communication failures, financial system disruptions, power outages, transportation disruptions, and space launch failures,” and also could have wreaked havoc with international time.
The MSS post details what it claims was a more than two-year NSA cyberattack operation involving “42 specialized cyberattack weapons.”
Alleged NSA Cyberattack Exploited SMS Vulnerability
The MSS claims that the NSA campaign was “long-planned and systematic.”
Beginning on March 25, 2022, China alleges that the NSA exploited a vulnerability in the SMS service of an “overseas mobile phone brand” to gain control of mobile phones of multiple NTSC staff members. A year later, beginning on April 18, 2023, the NSA launched multiple attacks using stolen credentials to infiltrate NTSC systems and “spy on the center’s network systems,” the MSS post said in translation.
From August 2023 to June 2024, the NSA “deployed a new cyber warfare platform and activated 42 specialized cyberattack weapons to launch a high-intensity cyberattack” against multiple internal NTSC network systems, the MSS post claimed. The NSA “also attempted to penetrate the high-precision ground-based timing system, potentially disabling it.”
The MSS did not provide any details on the “42 specialized cyberattack weapons.”
The NSA cyberattacks were often launched late at night or early morning Beijing time, and used VPNs in the U.S., Europe, and Asia to conceal the source of the attacks, the MSS said. The U.S. intelligence agency also used “forged digital certificates” to bypass antivirus software, and used “high-strength” encryption algorithms “to completely erase traces of the attacks.”
China said it responded by “securing evidence” of the attacks, disrupting the attack chain. and improving defensive measures to top potential threats.
MSS Takes Issue with U.S. Claims of Chinese Cyber Threats
China accused the U.S. of a multi-year campaign “continuously carrying out cyberattacks targeting China, Southeast Asia, Europe, and South America. They have infiltrated and controlled critical infrastructure, stolen vital intelligence, and monitored key personnel.”
The MSS also charged that the U.S. has “exploited its technological base” in the Philippines, Japan, and Taiwan to conceal its involvement and shift the blame for cyberattacks elsewhere.
U.S. cyber officials in recent years have alleged that Chinese cyber operations pose a significant threat to U.S. critical infrastructure – a claim the MSS took issue with in the WeChat post.
“[T]he US has repeatedly hyped up the ‘China cyber threat’ theory, coercing other countries to hype up so-called ‘Chinese hacker attacks,’ sanctioning Chinese companies, and prosecuting Chinese citizens in an effort to confuse the public and distort the truth,” The MSS post said. “Ironclad facts have proven that the US is the true ‘Matrix’ and the greatest source of chaos in cyberspace.”
The Cyber Express has reached out to the NSA for comment and will update this article with any response.
