Cyberwar between China and the United States

Main article: Cyber ​ ​ wars

Chronicle

2025

China finds' overwhelming evidence 'of hacking of National Time Service Center by US NSA

In October 2025, China's Ministry of State Security said it had found "irrefutable evidence" of the NSA hacking of the National Time Service Center, a key institution responsible for accurate time and standards.

According to Beijing, since March 2022, the NSA has exploited vulnerabilities in employees' phones and stolen credentials to attack and steal data.

China claims that the United States used foreign servers to disguise the source of the attacks. Washington has not yet commented on the allegations.

The United States published a list and photos of 12 Chinese hackers who allegedly hacked the Ministry of Finance and other American departments

On March 5, 2025 Ministry of Justice USA , 12 citizens China were charged with organizing hacker attacks on various American departments. Names and photos of alleged cyber wrestlers have been released.

The accused included two employees of the Ministry of Public Security of the PRC, a number of employees of the allegedly private Chinese company Anxun Information Technology Co. Ltd., also known as i-Soon, as well as members of the Advanced Persistent Threat 27 (APT27) hacker group. The Ministry of Justice said that among the victims of the attackers were a large religious organization in the United States, ministries of foreign affairs of several states in Asia and various US government structures, including the Ministry of Finance.

Hackers are said to have used a vast network of private companies and contractors in China to conceal their tracks in hacks and information theft. Sometimes cybercriminals, according to the US Department of Justice, received instructions to organize attacks on certain companies, but often they acted independently, hacking systems to steal information. In many cases, the stolen information was not of interest to the Chinese authorities, and therefore was sold to third parties.

The ads were presented to Chinese citizens as part of a joint effort by the Department of Justice, the FBI, the Navy Criminal Investigation Service, the State Department and the US Treasury Department. At the same time, all suspects are at large and are wanted by the FBI. A reward of up to $10 million has been announced for information about their whereabouts.

At the same time, Chinese Foreign Ministry spokesman Lin Jian said that accusations of hacker attacks against China by the United States are a manifestation of hypocrisy and double standards.^[1]

2024: Chinese Foreign Ministry: Blaming other countries for cyber attacks is a US tactic to cover up its own attacks

On October 14, 2024, the representative of the Ministry of Foreign Affairs of China, Mao Ning, announced that the United States accuses other states of cyber attacks to cover up their own attacks in the Internet space. We are talking, in particular, about the spread of disinformation.

In early 2024, the US Cyber ​ ​ Security and Infrastructure Security Agency reported CISA that allegedly associated PEOPLE'S REPUBLIC OF CHINA hackers have been operating inside "certain the AmericanIT systems for at least five years and are preparing destabilizing cyber attacks on critical infrastructure." Volt Typhoon hackers were mentioned: it was said that this is one of the largest known cyber espionage groups targeting the United States and other regions. At the same time, it was reported about the allegedly identified connections of Volt Typhoon with China.

𝓲

Фото: Freepik

However, according to Mao, Volt Typhoon is actually an international ransomware group. According to the results of an investigation conducted in the PRC, the US intelligence services carry out cyber espionage around the world and conduct operations under the "false flag," substituting other states.

The so-called Operation Volt Typhoon is a political farce played out by the US government itself, China's report says.

It is emphasized that the US military base on the island of Guam was not the target of cyber attacks by Volt Typhoon: instead, it is the initiator of a large number of cyber attacks on China and many countries of Southeast Asia. Moreover, Mao said that the United States is using its technological advantages to carry out large-scale systemic cyber surveillance and espionage around the world.

We call on the United States to immediately stop its cyber attacks around the world and stop denigrating China using cybersecurity problems, "Mao said.[2]

2023

US, Taiwan team up to defend against China's cyber attacks

Lawmakers in the US Congress have introduced a bill that would require the Pentagon to significantly expand cybersecurity cooperation with Taiwan to protect the island from cyber threats from China. This became known on April 23, 2023.

The Cybersecurity Sustainability Act would authorize the US Secretary of Defense to conduct cyber exercises with Taiwan, protect the island's military infrastructure and systems, and eliminate malicious digital activity against the island.

We must fight back against the growing aggression of the Chinese Communist Party (CCP) and its attempts to undermine democracy around the world, including through hostile cyber attacks. Too often, China used Taiwan as a testing ground for its cyberattacks, which were later aimed at the United States, the bill says.

Lawmakers noted that the legislation would help "arm Taiwan to the teeth in the cybersphere by strengthening the island's cyber powers and creating a stronger partnership between the U.S. and Taiwan to protect key systems that keep the U.S. island's military and economy operational and ^[3] teaming up ^[4].

China releases report on US cyber attacks on other countries

On April 11, 2023, the China Cybersecurity Industry Alliance (CCIA) published a detailed report detailing the long-term cyber attacks carried out by the United States on other countries.

The report consists of 13 sections related to certain events and time intervals. These include cyber attacks by US intelligence agencies on key infrastructure in other countries, cyber raids and monitoring, the introduction of backdoors, etc. In addition, we are talking about the development of specialized means for conducting intrusions and theft of confidential information. It is said that the means used by American structures violate international rules of conduct in cyberspace.

China releases report on US cyber attacks

By the end of the 20th century, against the backdrop of the rapid development of information technologies, cyberspace became an integral part of society. At the same time, fears about the militarization of cyberspace continued to grow around the world. Fears of cyber warfare became a reality in 2010 when the Stuxnet computer worm attacked Iran's nuclear facilities. This showed that the United States opened Pandora's box, the report said.

The authors of the report note that US actions impede the development of global information technologies, create fragmentation and confrontation in cyberspace. Ultimately, this undermines the order in the global IT market.

Cyber ​ ​ operations initiated by the United States have become the most serious threat to global cybersecurity, since they cover all invasion scenarios and all platforms. The United States puts its own hegemony above the sovereign security of other countries. These attacks undermined people's confidence in network technology and caused significant damage to the global political and diplomatic environment, the report said.[5]

2022

US State Department uses artificial intelligence to propaganda against Russia and China

On December 6, 2022, Ambassador Derek Hogan announced that the US State Department is actively using artificial intelligence (AI) and other advanced IT solutions for propaganda against Russia and China. Read more here.

Chinese hackers stole hundreds of gigabytes of commercial secrets from American companies

The Chinese hackers stole hundreds of gigabytes of commercial secrets the American from companies. This became known on May 5, 2022. More. here

China accused the United States of hacking computers to organize cyber attacks on Russia and Ukraine

China has been subjected to continuous cyber attacks since February, during which Internet addresses in the United States were used to seize control of Chinese computers directed against Belarus, Russia and Ukraine. This became known on March 12, 2022. Read more here.

2020

US special forces prepare for cyber war with Russia and China

American special forces are preparing for a cyber war with Russia and China. This became known on October 10, 2020. Read more here.

US does not want to lay communication cable with China due to the threat of cyber espionage

On June 22, 2020, it became known that the United States does not want to lay a communication cable with China due to the threat of cyber espionage. The cable will allegedly allow Chinese intelligence services to gain access to American data.

The US does not want to lay a communication cable with China due to the threat of cyber espionage. Photo: republicoftogo.com.

As reported, the American Committee for the Assessment of Foreign Participation in the Telecommunications Services Sector Team Telecom recommended that the Federal Communications Commission (FCC) of the United States, based on national security concerns, refuse to lay the submarine cable system Pacific Light Cable Network (PLCN) on the bottom of the Pacific Ocean between Hong Kong and Los Angeles.

As Team Telecom fears, consisting of, and, the Ministry of Justice Ministry of Defence U.S. Department of Homeland Security cable will allegedly allow Chinese intelligence services to gain access to American data.

Team Telecom recommends that the FCC satisfy part of the PLCN application aimed at connecting the United States Taiwan and, which Philippines have no ownership in the People's Republic of China (PRC) and are separately owned and controlled by subsidiaries and, Google Facebook provided that subsidiaries of the companies enter into mitigation agreements for these respective connections. The Pacific Light Cable Network project involves laying a cable between Hong Kong and Los Angeles through Taiwan and the Philippines with a total length of about 13 thousand kilometers. This decision of the committee is related to the situation in the field of national security, including the efforts of the PRC government to obtain confidential data of American citizens. Thus, an underwater cable can be a rich and vulnerable data source for. China The laying of PLCN raised national security concerns for June 2020, as the influential investor in PLCN is a Hong Kong company - Pacific Light Data a subsidiary of the telecommunications provider in China Dr. Peng Telecom & Media Group. As members of the committee noted, PLCN is only one of several similar projects "causing such concern the United States[6] told in Team Telecom

CIA suspected of 11-year cyber espionage against China

• The Chinese INFORMATION SECURITY The company Qihoo 360 published a report linking the Central Intelligence Agency USA CIA to a long-term cyber espionage campaign targeting Chinese industrial and government organizations. This became known on March 4, 2020. The campaign continued between September 2008 and June 2019 and most of the targets were located in, Beijing Guangdong and Zhejiang, the researchers said. More. here

2019: Chinese hackers cyber attack on US National Association of Industrialists

In the summer of 2019, the network of the National Association of Manufacturers (NAM) of the United States was subjected to a cyber attack allegedly carried out by a cybercriminal group sponsored by the Chinese government. This became known on November 14, 2019. Read more here.

2018

US National Security Agency seeks information on spy microchips from China

On October 11, 2018, it became known that the US National Security Agency (NSA) is searching for witnesses who could confirm information about the installation of Chinese spy microchips on the servers of American companies. This was reported by Bloomberg with reference to NSA expert Rob Joyce. Read more here.

China spied on Apple and Amazon through chips in hardware

In early October 2018, it became known that China spied on Apple, Amazon and other technology companies by installing special chips in equipment used in data centers.

According to Bloomberg, the American authorities suspected China of secretly using chips for surveillance back in 2015 and then began a secret investigation. These chips could be installed by Super Micro Computer.

Chinese hackers convicted of stealing corporate information from servers of Apple, Amazon and other American companies

In 2015, Amazon acquired video distribution software developer Elemental Technologies to expand the capabilities of its video streaming service Amazon Prime Video. While Amazon's main interest in the deal was not related to Elemental's government contracts, they complemented Amazon's related Web Services (AWS) business, which provides CIA cloud services in particular.

Amazon has hired a third-party firm to scrutinize the security of Elemental's purchase. Amazon's keen interest turned out to be expensive servers that the startup used in its networks to compress video. In these servers, which Super Micro Computer produced for Elemental, extraneous tiny microchips smaller than rice grain were found - their use was not provided for by the technical project.

Amazon notified the American authorities about this, and they were very worried, because Elemental servers were installed in data centers of the Ministry of Defense, used during CIA operations with drones, as well as on Navy warships. Elemental was one of hundreds of Super Micro Computer customers.

Over the three years of the investigation, which continues by the beginning of October 2018, it turned out that the chips introduced into computer equipment made it possible to create an "invisible door to any network," allowing, among other things, to make changes to the operation of the equipment.

Spy chips have integrated at facilities owned by manufacturing subcontractors in China, according to Bloomberg's knowledgeable interlocutors.

17 people, including 6 current and former senior national security officials, confirmed to the publication the fact of manipulation of components of the Super Micro Computer and other elements of the attack.

The news agency notes that this attack is much more serious than hacking software systems that the world is already accustomed to. Hacking through hardware is difficult to fix and can be more disruptive because it provides long-term hidden access to systems. Intelligence agencies have been willing to invest millions of dollars in such technology for years.

According to the publication, Apple removed Super Micro servers from its data centers in 2015 immediately after it became known about the data leak. In 2016, the contract between the companies was completely terminated.

Several additional investigations were subsequently conducted by American government agencies. The publication claims that no user data was stolen as part of that alleged hacking campaign.

Washington has long suspected Beijing of mass espionage using equipment manufactured by Chinese companies. Most electronic components are manufactured in the PRC. Theft of intellectual property became one of the arguments of US President Donald Trump when introducing new duties on the import of goods from China.

US Vice President Mike Pence also announced the fact of espionage in a speech at the Hudson Institute. He noted that Russia's interference in US affairs "fades in comparison with what China is doing."^[7]

The United States allowed itself preventive cyber attacks against Russia, China and its own allies

The US military has received expanded powers to conduct "preventive" cyber attacks. This follows from a document called "Cyber ​ ​ Strategy," published in September 2018 by the US Department of Defense^[8].

The new strategy allows the use of cyber attacks by the US military to "violate or block malicious cyber activity at its source, including activity that is below the level of armed conflict."

The strategy signed by Secretary of Defense James Mattis also implies "the creation of a more lethal force," that is, formations of hackers capable of preemptively striking the infrastructure of a conditional enemy.

The document stipulates that preventive strikes will be launched to prevent cyber attacks on critical US infrastructure, including voting systems and power grids. Under the new rules, military hackers will have the right to act at their own discretion; earlier, to begin active actions in cyberspace, approval from the National Security Council under the President of the United States would be required. Now, to conduct "preventive cyber attacks," neither the permission of the Security Council nor the approval of the National Security Agency will be required.

The Pentagon called the Russian Federation and China the main threats to US cybersecurity

The Pentagon published^[9] in September 2018, a new cybersecurity strategy in which it named Russia, China, North Korea and Iran as the main threats to US interests. The ^[10]. As noted in the document, the United States faces "imminent and unacceptable threats" in the form of "malicious cybercriminal activities."

"The United States was involved in a long-term strategic rivalry with Russia and China. Russia used information operations in cyberspace to influence our population and challenge our democratic processes, "the document says. China, according to the Pentagon, tried to steal confidential information from the American government and private sector companies.

In addition to the Russian Federation and the PRC, North Korea and Iran are among the main threats, which, according to the military department, are trying to use operations in cyberspace to "harm American citizens and the interests of the country."

In the future, the Pentagon intends to "suppress or suspend malicious activity" in advance, as well as create "deadlier forces," including to counter cyber operations, the document emphasizes.

2017: The US rated the threat of cyber attacks from Russia and China at 8 out of 10 points

The acting head of the US Department of Homeland Security, Elaine Duke, estimated the cyber threat posed by Russia and China at 8 points out of 10, RIA Novosti reported. Read more here.

2013: Third of hacking attacks against China carried out by Americans

A third of hacker attacks on Chinese sites and computers in 2013 were carried out from the United States, according to a report by China's national Internet security agency.

The number of hacker attacks on Chinese sites and computers carried out from abroad increased by 62% in 2013. About 11 million computers came under the control of foreign servers, 61 thousand websites were hacked by foreign hackers, the agency reports.

The attacks were mainly carried out by attackers from the United States, South Korea and Hong Kong. Important information systems are regularly at risk in China, and the country's entire security system is at risk, the agency says.

In March 2014, The New York Times published an article based on information from Edward Snowden about the espionage of American services against the Chinese telecommunications equipment manufacturer Huawei since 2007. The United States has denied accusations of espionage.

2004: Chinese attack Lockheed-Martin

In 2004, in the network of one of the enterprises of the defense concern Lockheed-Martin, Chinese hackers broke through the computer protection system, left many traces of their stay in the form of Trojans and backdoors. It is still not clear whether the hackers managed to copy important data, but some of the company's data was badly spoiled.

Hackers and the computer network of the US Department of Defense did not ignore, whose sysadmins did not even notice that attackers have had free access to valuable information for 2 years. The US government accused Russian programmers of a hacker attack, but the Official Kremlin denied this accusation.

Notes