According to informed officials, a closed-door meeting was held in Geneva in December 2024 between senior officials from the United States and China. During the meeting, Wang Lei, a high-ranking official from the Chinese Ministry of Foreign Affairs, implied that Beijing was involved in multiple cyber attacks targeting critical infrastructure in the United States, citing it as a response to U.S. support for Taiwan.
Sources told The Wall Street Journal that the meeting was hosted by Nate Fick, the network and digital policy envoy of the Biden administration at the time, and had over a dozen representatives from both the U.S. and China, including senior officials from the State Department, National Security Council, Pentagon, and U.S. intelligence agencies.
While Wang Lei or other Chinese representatives did not directly admit to orchestrating the cyber attacks, American officials present at the meeting and those briefed afterward interpreted their comments as an acknowledgment of Beijing’s involvement in the actions. They believe this move was intended to threaten the U.S., suggesting that if the U.S. intervenes in a Taiwan Strait conflict, China will target American infrastructure.
The cyber attacks referenced in the meeting, codenamed “Volt Typhoon,” primarily targeted civilian infrastructure such as U.S. ports, water facilities, airports, and power grids with long-term infiltration since 2023. American intelligence agencies have repeatedly warned that these attacks could be a “predeployed” strategy by Chinese authorities to cripple U.S. logistics and communication networks in the event of a Taiwan Strait conflict.
Previously, Chinese officials had attributed the actions of “Volt Typhoon” to criminal organizations or accused the U.S. of having an “overactive imagination.”
At the meeting, Chinese representatives sought to justify the cyber attacks as a response to U.S. military support for Taiwan. A former American official noted that this demonstrates China’s intention to exert strategic deterrence against the U.S. and warn against interfering in the Taiwan Strait situation.
Last year, U.S. authorities also detected another Chinese cyber operation known as “Salt Typhoon,” which infiltrated major telecommunications companies in the U.S., including AT&T and Verizon, eavesdropping on the calls and messages of dozens of senior officials and political figures.
Currently, top Trump administration officials are considering strengthening countermeasures against China, including expanding U.S. military cyber retaliation actions and reviewing federal cybersecurity frameworks.
The U.S. State Department, in a statement to The Wall Street Journal, did not comment specifically on the meeting but indicated that the U.S. has clearly informed China of its intention to “counteract Chinese malicious cyber actions,” labeling Chinese hacker activities as “one of the most severe and persistent threats to U.S. national security.”
The Chinese Embassy in the U.S. denied the allegations, accusing the U.S. of using cybersecurity as a pretext to smear China and spread false information about the so-called cyber attacks.
Dakota Cary, a China affairs expert at cybersecurity company SentinelOne, suggested that if Chinese officials release implicit signals in closed-door meetings, it likely reflects actions under the directive of top Chinese leadership, particularly Xi Jinping. This indicates that Beijing has identified the Taiwan issue as the most likely trigger for future U.S.-China military conflicts.