In the past two weeks, China has accused the National Security Agency (NSA) of hacking Chinese entities. The accusation this week seems to be an expansion on the accusation made two weeks ago, where NSA was accused of hacking into China’s leading aviation university. Today, China takes the discussion a step further and indicates that the NSA not only compromised the university but also portions of China’s telecom infrastructure, and was positioned to control the telecommunications provider.
These volleys of prose from China, coupled with those of the United States about China’s own actions, require us to look back a few years to what many thought would be the restart of positive bilateral relations in the cyber domain.
U.S. – China Cyber Agreement of 2015
It was September 2015 when the joint U.S.-China cybersecurity deal ironed out by United States President Barack Obama and Chinese President Xi Jinping where both nations pledged not to engage in cyber shenanigans (excluding of course nation-state old-fashion espionage, which didn’t make the list of prohibited actions). At that time, and the year which immediately followed, there was a sense of hope that the two nations, competitors in many ways, could reach a level of cooperation and collegiality. In 2016, the Rand blog commented, “The U.S.-China Cyber Agreement a good first step.“
Clearly, this euphoria didn’t last long. And nary a year has passed since then without an accusation having been made of either China or the United States conducting cyber operations against the other.
The September 2022 Chinese allegations
NSA Targeting Northwestern Polytechnical University
In a detailed piece, published in China’s People’s Daily, China accuses NSA’s Tailored Access Operations (TAO) office of penetrating the email system of the university. The piece claims over 1100 attack links had infiltrated the university’s system and that the Chinese cyber experts discovered a cyber weapon called “drinking tea” used for the theft of sensitive data and attributable to TAO.
NSA Targeting China Telecom
The new information, offered up by Global Times on September 23, is a complete rehash of the piece published ten days prior in the People’s Daily, with a few additions. The accusation that the skullduggery was conducted by NSA’s TAO remains. China expands their allegation, by accusing TAO of using 41 types of cyber weapons to steal technology and compromise systems, to include successfully transitioning from the aforementioned university’s infrastructure to a Chinese telecommunications operator so the U.S. could “control the country’s infrastructure.” The Global Times continues, how TAO built a “legal” channel to conduct their “control” activities. China promises more details, soon.
Throwing Stones in a Glass House
In conclusion, the NSA is supposed to do clandestine collection, that is their mission. Whether they targeted the entities identified by China or will largely depend on the requirements levied by the policy makers in Washington upon NSA, which is a support organization and collects only in support of well defined requirements.
We must keep in mind, China’s PLA and MSS target the infrastructure of the west on regularly. Indeed the infamous OPM hack of 2015 which resulted in the compromise of complete background investigation dossiers on millions of U.S. persons has been attributed to China.
Search the Department of Justice website and you’ll find indictment and criminal complaints ad nauseum detailing the cyber antics of specific Chinese hackers. Who can forget when the FBI announced they had uncovered 11 years of economic espionage by two MSS sponsored hackers in July 2020?
While interesting to those keeping score in the geopolitik world, China’s protestations should be viewed as nothing more than the pot calling the kettle black.
