- The Washington Times - Friday, September 29, 2023

American cyber officials are ducking the Chinese government’s accusations that the National Security Agency hacked into China’s sensitive networks and stole intellectual property.

Chinese officials blamed the NSA for a range of hacking and thievery via increasingly aggressive commentary made in recent weeks on WeChat and reported via state-run media.  

Asked at the National Press Club on Thursday about China’s claims that the NSA he leads breached a university, Army Gen. Paul Nakasone demurred.

“We don’t talk about our operations,” he said.

The general said U.S. cyber warriors follow guidance from America’s laws and civilian leaders and design and conduct operations that reflect the nation’s values.

China’s National Computer Virus Emergency Response Center and Ministry of State Security blame the U.S. for breaching Northwestern Polytechnical University, invading Huawei servers and leveraging the Foreign Intelligence Surveillance Act for global spying.

China’s complaints against America appear to broadly resemble incoming accusations made from U.S. officials, agencies and cybersecurity companies that have focused on China’s alleged hacking of research, intellectual property theft and policies enabling surveillance.  

Cybersecurity researchers are questioning whether China used any nonpublic information in its accusations against the U.S. or simply crafted a narrative referencing public reporting of America’s cyber capabilities to reverse the blame.  

Jamil Jaffer, George Mason University law school’s National Security Institute founder, said the abundant references to long-known facts and programs included in China’s accusations made it difficult to determine if anything especially new was in the latest complaints.

“This appears to be an attempt by the Chinese government, leveraging historical information at least in part released by Edward Snowden, to engage in the type of naming and shaming of the U.S. government that we have legitimately leveraged against China for a number of years,” Mr. Jaffer said.

Whereas advisories from U.S. agencies often include names and details of tactics, techniques and procedures accompanying allegations of foreign adversaries’ hacking, China’s allegations do not contain identical fingerprints.

China’s Ministry of State Security posted on WeChat last week complaining of U.S. cyber weapons, according to an English-language translation. The post references technical capabilities impermissibly revealed by former NSA contractor Edward Snowden, who fled the U.S. for Hong Kong a decade ago before settling in Moscow.

The state-run China Global Television Network said Chinese officials identified NSA personnel conducting cyberattacks via analysis of SecondDate, which CGTN branded as spyware. SecondDate is a mechanism revealed by Mr. Snowden in a 2014 article.

Dutch researcher Peter Koop said SecondDate is an attack method and not malware or spyware.

“In this case, it’s hard to say whether China really has detected this method or whether the Chinese are just guessing or suggesting that the NSA may have used this method,” Mr. Koop said in an email.

The NSA declined to comment on China’s claims and whether the accusations suggested a disclosure from Mr. Snowden put American officials in danger.

The NSA, FBI and other American and Japanese cyber officials published an advisory on Wednesday saying China-linked cyberattackers were looking to compromise network routers.

• Ryan Lovelace can be reached at rlovelace@washingtontimes.com.

Copyright © 2024 The Washington Times, LLC. Click here for reprint permission.

Please read our comment policy before commenting.