China Plays Victim After Getting Caught Hacking into U.S. Infrastructure for Years

Chinese state media went into overdrive this week to distract from revelations of a massive state-linked Chinese cyberattack on U.S. infrastructure, howling that China is actually the world’s biggest victim of cybercrime and America is the greatest threat to global information security.

China’s state-run Global Times studiously avoided mentioning the bombshell reports about Volt Typhoon, the Chinese state hacking group disrupted by Microsoft security experts and the FBI last week.

Volt Typhoon’s hackers penetrated critical infrastructure systems, including ports, oil pipelines, and power grids, then lurked in waiting without stealing data or causing damage – presumably waiting for an order from Beijing to cause havoc if the U.S. was drawn into a confrontation with China. The likely theater for such a confrontation would be Taiwan, whose infrastructure was also compromised by the Volt Typhoon operation.

Leaving all of that unsaid, the Global Times used a Wednesday editorial to rail against “American advanced persistent threat (APT) organizations” supposedly working indiscriminately around the globe.

Humorously citing “Chinese experts” who suddenly discovered American hackers everywhere the day after the FBI took Beijing’s big cyber-espionage operation down, the Global Times huffed into its editorial paper bag about the “uncontrolled development of the U.S. in terms of cybersecurity threats,” none of which its “Chinese experts” could actually describe.

Instead, the Global Times quoted Chinese Foreign Ministry spokesman Wang Wenbin muttering that America is the “source of all evils” in terms of cyber-threats, then pumped out ten paragraphs of dark speculation about all the things the United States could do if it chose to unleash the dark wizards sitting restlessly at their keyboards in the CIA’s basement and NSA’s attic.

Americans may certainly hope the Chinese Communist Party’s “experts” are right about the terrible destructive potential of U.S. cyber-commandos, but the point is that China just got caught red-handed sabotaging computer systems around the world. The controversy is about what China actually did, not its theoretical capabilities.

About halfway through its screed, the Global Times forgot what it was supposed to be talking about and complained about the U.S. government teaming up with Big Tech firms to make cyber-espionage harder:

The US leads the establishment of an alliance and, with Google taking the lead, has formed the CA/Browser Forum internationally. The members of this alliance include companies related to browsers, web servers, auditing, cryptographic algorithms, hardware gateways and more. In addition, the US has implemented a filing system and established the Certificate Transparency (CT) system, meaning that before issuing any digital certificate, all international digital certificate authorities are required to file with this system. Failure to do so will result in the alliance blacklisting them, according to the report.

Besides, with the global advantage in the field of smart terminals, the US grasps the foundation to obtain sensitive user data through global sales and operations of operating systems and internet services.

Again, China actually is harvesting terabytes of user data through compromised platforms such as TikTok. If the U.S. started doing the same thing – and there are plenty of domestic privacy advocates who worry that it will, especially since so much of the federal bureaucracy, intelligence community, and corporate America has been politically weaponized against domestic opponents – it would take years to catch up to China’s cobwebbed vaults of user data pilfered from foreigners.

Another frequent target of Chinese cyber-espionage is the Philippines, which is pushing back against Chinese aggression in the South China Sea. Last week, Chinese hackers tried to break into Philippine government websites and email accounts, including those of President Ferdinand Marcos Jr. and a maritime security agency.

The Philippines provided evidence the attack came from China, then very tactfully said it was “appealing to the Chinese government to help us prevent further attacks.”

The Global Times responded on Wednesday with another howling screed accusing Philippine hackers of victimizing poor, helpless China. 

This time, the Chinese Communist paper briefly acknowledged the allegations of wrongdoing against China but dismissed them with a wave of its hand and insisted “China is the biggest victim of cyberattacks”:

Li Baisong, deputy director of the technical committee of Antiy Technology Group, told the Global Times on Tuesday that cyberattacks against China with their IP addresses traced to the Philippines amounted to thousands in 2023, most of which were unsuccessful.

“We found that a certain proportion of the cyberattacks came from two non-governmental hacker groups from the Philippines named Anonymous Philippines and critzone and there were also some attacks difficult to identify and trace,” Li said.

Xiao Xinguang, chief software architect from Antiy company, told the Global Times on Tuesday that China has long been subjected to attacks and disturbances from various threat actors, with frequent attacks coming from Northeast Asia, the Taiwan Straits, the South China Sea and South Asia.

Before the reader could ask about the nature of these alleged Filipino non-state-actor hacking attempts, or if any of them were as serious as the assault Manila repelled from China last week, the Global Times went on to complain about all of the cyber-warfare boiling out of conflicts such as the Russia-Ukraine and Israel-Hamas wars, presumably to stress its point that every actor in cyberspace except China is dangerous.

RELATED — Cyber Official: ‘Great’ Blinken Will Have ‘Discussion’ with China on Their Ability to Attack Critical Infrastructure Because It’s Hard to Prevent