At a time when the United States and seven allied countries jointly issued a warning against Chinese hackers, Chinese state media has been criticizing the United States relentlessly. Experts analyze that Beijing’s smear campaign and cognitive warfare are akin to “the thief crying ‘stop thief,’ which is laughable,” while the alliance of democratic countries is standing against China due to its rampant cyberattacks and brazen behavior.
The Australian Cyber Security Agency issued a rare warning on Tuesday, accusing the Chinese hacker group APT40 of consistently conducting malicious cyberattacks against the Australian government and private institutions, actively seeking targets.
The Australian Signals Directorate stated that APT40 carries out “malicious cyber operations” on behalf of the Chinese Ministry of State Security.
This report was jointly written by the Australian government and the “Five Eyes Alliance,” consisting of New Zealand, Canada, the United States, and the United Kingdom, as well as international partners such as Germany, Japan, and South Korea.
Dr. Wang Zhisheng from the Asia-Pacific Security Exchange Association recently told Dajiyuan that China’s cyber hacker attacks are well-known globally, and research on cybersecurity worldwide clearly indicates that Chinese and Russian hackers are among the primary sources of cyberattacks. These hackers are undoubtedly not acting as individuals but are backed by their respective governments.
Wang Zhisheng analyzed that China has three main goals: firstly, conducting attacks on critical infrastructure of its adversaries or rival countries, including the United States, the Five Eyes Alliance members Australia, Canada, and the UK, as well as neighboring Japan and Taiwan, which has been severely affected.
He stated, “Their attacks on critical infrastructure are somewhat preparatory for future technological warfare. If a war is initiated against democratic countries in the future, they aim to gain an advantage in cyberspace.”
Secondly, China engages in cyberattacks to breach security defenses and steal crucial secrets of various countries or businesses, such as national core secrets, military strategies, or proprietary technologies of companies, to enhance its own technological development. This is China’s second objective.
Thirdly, China conducts extensive cyber intrusions and disruptions, which can also serve propaganda purposes in cognitive warfare when necessary. Through numerous cyberattacks and propaganda, it can promptly engage in the required cognitive warfare.
Regarding the disclosed information related to Australia and the Five Eyes Alliance, Wang Zhisheng believes it’s just the tip of the iceberg, as such incidents are ongoing.
Since the beginning of this year, the United States and allied countries have issued statements and taken actions multiple times against Chinese hacker groups.
On February 7, intelligence agencies of the United States and the Five Eyes Alliance jointly stated that the advanced Chinese hacker group targeting critical infrastructure in the United States, “Volt Typhoon,” has been active for five years, appearing to engage in sabotage rather than espionage.
The NSA, CISA, FBI, and TSA warned that “Volt Typhoon” has clandestinely infiltrated aviation, railways, public transportation, highways, maritime, pipelines, water supply, and sewage systems.
The statement emphasized that the collected data strongly indicates China’s preparation for disruptive cyberattacks, endangering Americans’ safety and hindering military readiness in significant crises or conflicts with the United States.
In January, Reuters reported that the U.S. Department of Justice and the FBI had obtained legal authorization to disable Chinese hacker activities remotely and had launched an operation in recent months to combat the Chinese hacker group “Volt Typhoon,” successfully disrupting thousands of internet-connected devices.
In March, the U.S. Department of Justice and the FBI stated that millions of Americans were involved in an “evil” Chinese hacker conspiracy targeting U.S. officials. Seven Chinese citizens were accused of extensive network attack activities.
In April, the network security departments of the United States and the “Five Eyes Alliance” jointly issued another warning about thwarting the Chinese “Volt Typhoon” hacker group’s “infiltration operations” in U.S. networks.
In June, the head of the U.S. Cyber Command warned that China is actively seeking to disrupt the U.S. defense industry and explicitly mentioned the Chinese-supported hacker group “Volt Typhoon” again.
Wang Zhisheng remarked that the U.S. and allied countries have been protesting against China in various ways, but Beijing seems unperturbed and continues its brazen behavior.
Not only that, China has issued reports pointing fingers at the United States. On July 8, the Chinese National Computer Virus Emergency Response Center released a research report from April regarding the U.S. “Volt Typhoon” operation, citing three major doubts about the U.S.’ allegations, including American companies being pressured by the U.S. government to fabricate evidence, discrepancies between U.S. official statements and those of internet companies, and contradictory behaviors of U.S. network security authorities.
Xinhua reported on the 8th that U.S. intelligence agencies have abused their executive powers, manipulated cybersecurity companies and other agencies, spread false information, created and exaggerated the “China cyber threat theory”, and hidden conspiracies behind the scenes.
Deputy Researcher Zeng Yishuo from the Network Security Institute of Taiwan’s Institute for National Defense and Security Studies told Dajiyuan, “China long ago had prepared this script reflecting back on the United States, alleging that the U.S. is also engaging in such actions and accusing them of hypocrisy. This is an old script for China; this method of response is standardized and somewhat clichéd to China.”
“Moreover, now it has expanded to claim that the whole thing is fake news. This is mainly targeted externally,” Zeng analyzed, “It holds an advantage in disseminating this propaganda to its camp, i.e., the anti-U.S., non-free world camp, or some gray areas like Central and South America, where it has more influence through official media and external propaganda campaigns.”
“So, this is primarily not about psychological warfare because the U.S. has already won in that aspect by directly sanctioning individual hackers.” The U.S. is continuously expanding alliance sanctions against Chinese hacker activities.
“However, China is now focusing on information warfare to shore up its own camp and sway the opinions of those in the gray area who are closer to China and may be pro-Communist. Its current strategy and actions seem to be following this outline.”
“I completely deny it; that is, all the allegations brought up by the U.S. are false,” Zeng stated. In essence, this is a trap set by China because it might eventually become a dilemma of sorts, where the truth becomes a mystery.
Wang Zhisheng also believes that China’s tactics of countering the accusations are akin to “the thief crying ‘stop thief,’ which is ridiculous.”
Wang Zhisheng said, “In April, Beijing conducted research and then released it in July, seemingly vehemently refuting the U.S. and other countries’ use of the so-called ‘Volt Typhoon’ report in cognitive warfare against China. However, I think this is an absurd claim, the thief crying ‘stop thief’ kind of argument.”
“Because the reasons for their refutation are mostly spurious, such as the Beijing-related entity’s three points. The first point is that the U.S. intelligence agencies requested related cybersecurity companies to tamper with data to align with the ‘Volt Typhoon’ report information.”
However, “I am curious how Beijing knows this, as they did not provide any evidence but just verbally claimed that there were requests to tamper with data. They cannot present any proof to substantiate this accusation.”
“Basically, I believe this statement is more for the consumption of the Chinese domestic audience to incite anti-American sentiment.”
Secondly, Wang Zhisheng analyzed that Beijing also mentioned “Volt Typhoon” and how this practice did not receive recognition from U.S. cybersecurity companies. He stated, “We must stress that ‘Volt Typhoon’ is an entity, and U.S. cybersecurity companies are just that – companies. They may not necessarily know and cannot necessarily grasp the information understood by U.S. intelligence agencies.”
“So why would you ask U.S. cybersecurity companies to endorse the information from the U.S. intelligence agencies? This is very strange.”
Wang Zhisheng pointed out that this is a typical Chinese way of thinking, “Only China’s party-state system, the Communist Party, can command businesses and require them to endorse the Communist Party. Such a thing would not happen in democratic countries. Therefore, it is evident that they are viewing this through a Chinese lens.”
“So, you can say that all these assertions are basically weak by Beijing’s standards regarding the so-called ‘Volt Typhoon’ reaction or their rationales. Time and again, it seems like Beijing’s response to ‘Volt Typhoon’ and these assertions are quite feeble.”
Additionally, Wang Zhisheng said, “Interestingly, three months later, they bring this up, claiming that the U.S. is engaging in cognitive warfare against China now; I find this claim even more laughable.”
Xinhua also mentioned the U.S.’s Section 702, which enhances offensive capabilities against competitors abroad and surveillance and control over its citizens. The United States’ intelligence agencies jointly launched the “Volt Typhoon” program to address these urgent issues.
The U.S. Section 702 allows electronic surveillance of non-U.S. citizens overseas for national security purposes. This monitoring tool, authorized in 2008 and renewed multiple times, is used to prevent terrorist attacks, cyber intrusions, and foreign espionage.
In April this year, President Biden signed an extension of the Foreign Intelligence Surveillance Act Section 702, known as the warrantless surveillance program, for two more years.
Wang Zhisheng believes that what the United States is doing is targeting suspicious countries and entities for overseas surveillance. He said, “I must objectively state that this law is similar to the surveillance conducted by the U.S. against related terrorist organizations or suspicious terrorists after the 9/11 incident.”
“To a certain extent, of course, there may be concerns about human rights, but why does the United States take such extensive actions with such surveillance? The major reason behind it is Beijing.”
“If today, it weren’t for China and Russia’s significant use of cyber hackers to impact other countries’ security and steal other countries’ state secrets, or manipulate other countries’ cognitive warfare, the United States would not have introduced these new laws. So, the fundamental issue, in my opinion, still lies with China.”
Wang Zhisheng said, “The world’s major security think tanks, especially cybersecurity think tanks, generally recognize that China and Russia are the two largest sources of cyber hackers globally. Therefore, facing such threats, it is necessary to block and expose them, which is in line with the national security needs of each country.”
“If China and Russia do not cease these cyberattacks on other countries and cognitive warfare, then I believe, in the future, not only the Five Eyes Alliance but more democratic countries will unite against China and those engaging in cyberattacks led by China, to impose more blockades and resistance.”