How US jeopardizes global security with unscrupulous cyberattacks and vast cyber weapon arsenal
Attacking Empire
Published: Jun 01, 2023 08:30 PM Updated: Jun 05, 2023 06:23 PM
Photo: VCG

Editor's Note:

It has been a decade since the PRISM scandal which enraged the world was exposed by Edward Snowden. Under the guise of so-called national interests, the US government and its related intelligence agencies utilize their technological and first-mover advantages to conduct cyber surveillance on and attack the rest of the world. 

Relying on its hegemony in cyberspace, the US has used cyber capabilities as one of its tools in hybrid warfare. Just like other tools such as economic sanctions, terrorist activities, and military intervention, the US has used cyberwarfare to interfere in other countries' internal affairs and achieve its own political goals. To maintain its hegemony, the US has conducted "digital colonization" over other countries and committed various covert crimes, making itself a "surveillance empire," an "attacking empire," and a "bullying empire."

In the third installment of this series, the Global Times looks into how this "attacking empire" messes up cyberspace and jeopardizes global security with frequent cyberattacks, and what is inside the US' vast cyber weapon arsenal. 

While never trying to hide its intrigues of adding fuel to the fire of the Russia-Ukraine conflict, the US has once again shown the world its various horrible means of cyberattacks against Russia, as well as against more countries and regions around the globe. The head of US Cyber Command acknowledged to the media that US military hackers had conducted offensive operations targeting Russia "in support of Ukraine."

Since the widely known PRISM scandal exposed many of the dirty tricks the US has played in the cyberworld, this largest empire of cyberattacks has been a shadow hovering over people all over the world, with numerous destructive cyber weapons that can cause, and probably have caused, large damage to targets ranging from core industries to every aspect of daily life.

"The US is the founder of the Internet and the initiator of cyber warfare," said Qin An, deputy director of the expert committee of counter-terrorism and cyber security governance, the China Society of Police Law. "The US was the first to open a way of paralyzing and ruining the real world from the cyberspace."

Unscrupulous in cyber world

An investigative report, jointly released by China's National Computer Virus Emergency Response Center (CVERC) and internet security company 360 last month, revealed cases of the US Central Intelligence Agency (CIA) using the network to attack China and other countries. It provided more evidence showing the US' long-term unscrupulous cyberattacks that have created chaos and turmoil around the world.

Decades on, the US has allegedly attempted to overthrow legitimate governments through "color revolutions" in more than 50 countries. The development of the internet in the beginning of the 21st century enabled the CIA to conduct infiltrative, subversive, and sabotaging activities in faster and more covert methods with the help of some US tech companies, the report noted.

The "swarming," for instance, was a non-traditional regime change technique developed by the US' RAND Corporation as an on-site command communication tool for demonstrations based on the internet and wireless communication. The technique was used to "push young people connected through the internet to join 'one shot for another place' fluidity protests" during the CIA-instigated "color revolutions," the report mentioned.

As a major imaginary enemy, Russia was a main target of US' cyberattacks, especially during the ongoing Russia-Ukraine crisis. General Paul Nakasone, the head of US Cyber Command, confirmed to Sky News that the US was conducting offensive hacking operations in support of Ukraine.

"We've conducted a series of operations across the full spectrum; offensive, defensive, [and] information operations," Nakasone said. He explained that the cyberattacks targeting Russia were lawful and conducted through policy decided at the US Department of Defense, Sky News reported in June 2022.

By May 2022, more than 65,000 hackers from several Western countries including the US had regularly taken part in DDoS attacks against Russia's "critical information infrastructure," said Russian Ministry of Foreign Affairs spokesperson Alexander Krutskikh in June that year.

China is also a main victim of US' unscrupulous cyberattacks. According to a report issued by CVERC in 2021, China captured over 42 million malicious program samples in 2020. Those coming from the US accounted for 53.1 percent of all the samples originating overseas.

In September 2022, CVERC revealed the US' long-term cyberattacks against the Northwestern Polytechnical University (NPU) in Northwest China's Shaanxi Province, which were intended to control infrastructure equipment and steal personal information, one of the recent proofs showing that the US has stretched out its evil hands to ordinary Chinese people.

Even many of the US' "allies" are not able to survive the cyberattacks. In 2022, cybersecurity experts from the Beijing-based Qi An Pangu lab told the Global Times that they discovered a top hacker group under the US National Security Agency (NSA), which has been using a cyber-weapon named "Telescreen" for more than a decade to infiltrate and attack 45 countries and regions, involving 287 important institutional targets.

Apart from China and Russia, pro-US countries including Japan, Germany, and Italy were also on the list.

How terrifyingly all-pervasive is the US cyberattack network? The answer may be found earlier in 2017, when WikiLeaks exposed 8,761 documents from the CIA that detailed the tools it used to hack into phones, communication apps, and other electronic devices commonly used in daily life.

"A CIA attack system called Fine Dining provides 24 decoy applications for CIA spies to use," The Guardian cited WikiLeaks as saying in an article published in March that year.

"To witnesses, the spy appears to be running a program showing videos, presenting slides, playing a computer game, or even running a fake virus scanner," said The Guardian. "But while the decoy application is on the screen, the system is automatically infected and ransacked."

"The US is the only country in the world that pursues an offensive cyberspace strategy. It frequently carries out cyberattacks and 'sanctions' against other countries by using its cyber weapons," Fang Xingdong, founder of Beijing-based technology think tank ChinaLabs, told the Global Times on Wednesday.

Fang noted that the national interests of the US feed into the basic logic of the attack behavior of the US government. "When the US conducts cyberattacks, its pursuit of interests often makes it fail to distinguish between its allies and non-allies," Fang said.

The US' offensive strategy has become a key factor causing the instability in the global cyberspace, he said.

Surveillance Empire: Spying for profit Graphic: GT

Uncontrollable dangers to people's lives

The US has a formidable cyber force capable of threatening every area of daily life from health systems to water and electricity, with cyberattacks that could easily bring other countries to their knees, the Xinhua News Agency quoted Turkish security specialist Ismail Hakki Pekin as saying in April.

The WannaCry ransomware attack in 2017, for instance, showed the world how the US' cyber weapons can cause uncontrollable dangers to people's lives.

Unfurling across the globe in May 2017, the ransomware hit over 300,000 computers in 150 countries and regions and 100,000 organizations, resulting in a total loss of some 50 billion yuan ($7.04 billion). Lots of hospitals, educational institutions, and government departments were attacked.

A major reason leading to the spread of the WannaCry ransomware was a cyber-weapon, Eternal Blue, developed by the NSA. It was widely believed that the leakage of Eternal Blue enabled WannaCry to run rampant under the control of hackers.

Years after the PRISM scandal, the Eternal Blue accident once again reminded people of the US' vast cyber weapon arsenal, which was probably responsible for many cyber disasters globally. The NSA has launched cyberattacks against 47 countries and regions for a decade, a cybersecurity expert from 360 told the Global Times exclusively in March.

Various cyber weapons were used in the decade-long attacks, including the backdoor program UnitedRake, QUANTUM attack system, and fake server FOXCID. FOXCID is the NSA's powerful "large-scale invasion tool," a vulnerability attack platform that allows operators with little experience to participate in cyberattacks.

It's hard to know exactly how many cyber weapons the NSA has. According to cybersecurity company Kaspersky, which in 2015 revealed 500 infections by the NSA's "Equation Group" in at least 42 countries, Regin malware, malicious PHP scripts, and computer worms such as Fanny and Stuxnet were some of the NSA's commonly used cyber weapons.

In 2010, US intelligence agencies used Stuxnet to infect over 20,000 computers in Iran and caused 1,000 machines there to physically degrade, said Kaspersky.

"Stuxnet brought a big threat to human society, and even today, it remains a deep-water bomb endangering the world's security," Qin told the Global Times.

The weapons mentioned above are just the tip of the iceberg of the NSA's vast cyber weapon arsenal, let alone other US departments including the CIA and the military which are developing their own cyber weapons as well. 

According to WikiLeaks, by the end of 2016 the Center for Cyber Intelligence (a hacking division) under the CIA alone had recruited over 5,000 hackers, producing more than 1,000 malware systems - viruses, trojans, and other software that can infiltrate and take control of target electronics.

It is particularly alarming that the US, with its technological advantages and predominance in the internet infrastructure industry, keeps developing numerous cyber weapons that have triggered a new round of arms races in cyberspace and brought unpredictable risks to global cyber security, observers warned.

"The ransomware attacks around the globe in recent years were mainly caused by the leak of the NSA's cyber weapon arsenal. The leak gives many individuals the ability to carry out sophisticated blackmail and attacks. This spillover effect and indiscriminate global surveillance have seriously eroded the foundation of trust between nations in the digital age," Fang noted. "And the lack of trust in the digital world has become one of the world's biggest problems."