Photo: CFP

China's State Security Ministry revealed on Sunday that the US National Security Agency (NSA) has, since 2022, launched cyberattacks against China's National Time Service Center, which is responsible for generating and maintaining standard Beijing Time. 

This attack has typical characteristics of an advanced persistent threat (APT), and its target is directly the critical information infrastructure. Located in Xi'an, Shaanxi Province, the National Time Service Center provides precision time services crucial for national communications, finance, electricity, transportation, mapping and defense sectors. 

According to disclosed information, the US launched a cyberattack on such a critical target, which was clearly well prepared and long-planned.

It's worth noting that to evade detection and prolong their inactivity, the US meticulously employed multiple covert tactics commonly employed by APTs. For example, the US frequently launched its cyberattacks between late night and early morning Beijing time, using numerous virtual private servers across the US, Europe and Asia as "springboards" to conceal its true origins. It also forged digital certificates to bypass security monitoring and employed high-intensity encryption algorithms to repeatedly erase traces of the attacks. 

Nonetheless, China's security agencies responded to the US cyberattacks with countermeasures, successfully capturing and securing evidence of the cyberattacks. They promptly instructed the timing center to conduct a comprehensive investigation, severing the attack chain and upgrading defense measures, thus eliminating a potentially significant risk. This series of swift countermeasures fully demonstrates that China's ability to detect, trace and disrupt advanced APTs has reached a new level.

This cyber intrusion into the timing center exposes the long-standing offensive cyber hegemony strategy pursued by the NSA and the US Cyber Command. 

The cyberattacks on China's critical infrastructure carried out by US intelligence and cyber agencies seriously violate the norms of state behavior in cyberspace advocated by the UN.

The US has designated other countries' critical information infrastructure as legitimate targets for cyberattacks. This behavior has severely undermined the international consensus on cybersecurity. These US attacks not only pose an objective threat to China but also severely impact and challenge the strategic mutual trust between China and the US at the conceptual level.

Meanwhile, being a hacker itself, the US also uses a double standard of "the thief crying thief" to slander and smear other countries. It constantly exaggerates the so-called China cyber threat, coercing other countries to hype up "China hacking" incidents, and even uses this as a pretext to sanction Chinese companies and prosecute Chinese citizens. This practice of provoking trouble, reversing right and wrong, and shifting the blame is intended to confuse the public and divert attention, but the ironclad facts show the world that the US is the real hacker.

China's successful defeat of the national-level cyberattack launched by the US fully demonstrates the successful implementation of the strategy of building China into a strong cyber power in recent years.

Under the strategic guidance of the Chinese leadership, China has continuously improved its cybersecurity system and enhanced its combat-ready cyber defense capabilities. The ability of state security agencies to promptly perceive, effectively counter and successfully block a top-level US cyberattack is the result of multi-departmental collaboration and a leap in technological capabilities. The close collaboration between state security agencies, cybersecurity and informatization management agencies, technical institutions, and key enterprises has formed a complete closed-loop system. This has come from advanced threat awareness and early warning, as well as attack chain tracing and evidence collection. 

Through this successful countermeasure, China has demonstrated to the world its unwavering resolve and ability to safeguard cyberspace security. China is both determined and capable of defending the security of its critical information infrastructure and ensuring the stable operation of its economy and society. At the same time, China consistently advocates for the peaceful use of cyberspace and opposes all forms of cyberattacks and sabotage. 

As a responsible cyber power, China will continue to uphold the principle of win-win cooperation and promote the establishment of a fair and equitable international cyberspace governance order. By strengthening dialogue and cooperation within the framework of international rules and jointly preventing cyber threats, China is confident that it will work with other countries to sever all attempts to target global critical infrastructure and make new contributions to building a community with a shared future for humanity in cyberspace.

The author is a professor at the School of International Relations and Public Affairs of Fudan University. opinion@globaltimes.com.cn