China's Ministry of State Security reveals US' infiltration of Huawei traced back to 2009
Published: Sep 20, 2023 01:55 PM
cyber attack Photo:VCG

cyber attack Photo:VCG

The US' infiltration of Huawei headquarters' servers can be traced back to 2009, China's Ministry of State Security (MSS) said in an article released on Wednesday.  The Chinese ministry disclosed despicable methods of cyber espionage adopted by US intelligence agencies, which include establishing cyberattack arsenals, coercing technology companies to cooperate, and distorting the truth to accuse others.

The MSS first revealed that the US has established cyberattack arsenals, and that US intelligence agencies have been resorting to extreme measures to conduct surveillance, espionage and cyberattacks across multiple countries worldwide, including China. Particularly, the US' National Security Agency (NSA), through its Office of Tailored Access Operations (TAO) and advanced arsenal, has repeatedly carried out systematic and platform-based attacks on China, attempting to steal important data resources.

According to the MSS, TAO began to invade Huawei headquarters' servers and carry out continuous monitoring in 2009. In September 2022, TAO was found to have carried out tens of thousands of malicious cyberattacks over a prolonged period targeting China, including China's Northwestern Polytechnical University (NPU). The US controlled tens of thousands of network devices and stole a vast amount of high-value data.

US cyberattacks are indiscriminate, as they not only target governments to steal political or military intelligence, but also indiscriminately attack businesses and critical infrastructure, Tang Lan, director of the Center for Cyberspace Security and Governance Studies at the China Institutes of Contemporary International Relations, told the Global Times on Wednesday.

The ability of US intelligence agencies to launch large-scale cyberattacks relies on a diverse range of cyber weapons. Since 2022, China's cybersecurity agencies have disclosed multiple cyber weapons used by US intelligence agencies, such as Bvp47, Quantum, FOXACID and Hive.

US intelligence agencies used these sophisticated weapons to carry out network attacks and cyber espionage targeting 45 countries and regions worldwide, including China and Russia, for over one decade. The targets of these cyberattacks include crucial sectors such as telecommunications, scientific research, economy, energy and the military, the MSS noted.

The aggressiveness of cyberattacks carried out by the US is very prominent because the country aims to gain control over cyberspace and achieve an absolute advantage globally, Tang said.

This is quite different from the previous practices of the US, which used to have more restraint and would not overtly display its intentions or methods, according to Tang. "Cyberattacks have become the US' major tool in great-power competition. The country no longer conceals its intentions, but directly and clearly expresses its desire to obtain absolute initiative in cyberspace," she said.

The US also forced technology companies to cooperate. The US government, using national security as an excuse, forcefully implanted backdoors into devices, software, and applications of relevant technology companies via acts such as the Foreign Intelligence Surveillance Act. By using methods like embedded code and vulnerability attacks, the US achieved global data monitoring and theft, leveraging the influence of global technology companies.

In December 2020, US location data company X-Mode Social was exposed for obtaining location data through an embedded software development kit in mobile applications and selling the data to contractors closely associated with the US military and intelligence agencies. In April 2022, Anomaly Six, a company with ties to military intelligence, was exposed for embedding its internal tracking software development kit into numerous mobile applications, thereby tracking the location data and browsing information of billions of mobile phones worldwide and aggregating and selling the data to the US government.

The US was found to have been carrying out extensive cyberattacks and espionage activities across the globe, while also fabricating security reports in a creative manner, smearing China as the primary cyber threat actor and hyping the so-called Chinese cyber espionage issue, perfectly exemplifying its ability to distort the truth.

It is well known that the US has long been engaged in large-scale surveillance and espionage activities against countries around the world, including its allies, leveraging its technological advantage. Since the exposure of the Prism spying incident in 2013, China's cybersecurity agencies have repeatedly discovered the involvement of the US in cyberattacks targeting China.

In recent years, the US has intensified its Hunt Forward Operations (HFOs), with clear targets being Russia, Iran, China and North Korea. US Cyber Command is becoming an expeditionary force, disguising its actions as HFOs and proactive defense, while conducting cyberattacks and espionage against other countries.

However, the US continues to portray itself as a victim of cyberattacks at the same time. Under the banner of maintaining "cyber security," the US is instigating and coercing other countries to join the so-called Clean Network program, attempting to eliminate Chinese companies from the international cyber market.

In fact, the "Clean Network" is a sham, while suppressing opponents and maintaining hegemony is the US' real intention. In response, the Chinese government has repeatedly urged the US to deeply reflect on its own actions and cease global cyberattacks and espionage activities, as well as stop using false information channels to muddy public opinion, the MSS noted.

Recently, China's National Computer Virus Emergency Response Center reported that during the handling of a cyberattack case on NPU, they successfully extracted a spyware sample called Second Date, which is a network spy weapon developed by the NSA and operates covertly in thousands of network devices spread across multiple countries worldwide.

The US will continuously upgrade its arsenal of cyber weapons in the future, as well as constantly enrich its means and methods for conducting cyberattacks, Tang said.

The MSS stressed that cyberspace is increasingly becoming a new battlefield for safeguarding national security. Without cybersecurity, there is no national security, and no stable operation of the economy and society, while the interests of the general public are also difficult to guarantee. The MSS called for solidarity to strengthen security awareness, and to enhance security capabilities, so as to jointly safeguard cybersecurity.

Main means of US intelligence agencies in cyberattacks and cyber espionage

Main means of US intelligence agencies in cyberattacks and cyber espionage