Written by staff writer.
China’s Ministry of State Security (MSS) has attributed a recent cyberattack on the Wuhan Earthquake Monitoring Center to US intelligence agencies.
In an article posted to the Chinese social media platform WeChat this week, the MSS said the country’s National Computer Virus Emergency Response Center (CVERC) and Chinese cybersecurity company 360 had found backdoor malware characteristic of the type deployed by US agencies.
In the days leading up to the August 16 denouncement, Chinese authorities indicated an imminent attribution. They said the US intelligence agencies were using a “secret system” to spy on other countries and, in this case, to steal earthquake monitoring data to serve their military needs.
Chinese officials said earthquake data they collected and then used to detect and provide early warning of upcoming geological incidents had valuable military applications.
“US intelligence agencies not only actively collect various signal intelligence but have also long obtained other countries’ comprehensive earth system science remote sensing and telemetry data as strategic intelligence through various means,” Xiao Xinguang, chief software architect at Antiy Lab and Chinese Communist Party member, told the government-controlled Global Times outlet.
“Even more dangerous is that if the attackers tamper with the earthquake monitoring data, triggering false alarms, it could lead to social panic and disorder, resulting in casualties among innocent people.”
The Chinese Government publicized the cyberattack in late July. However, they did not say when the incident occurred or when it was detected. At the time, the earthquake research facility said the attack was backed by an overseas government and impacted “some network equipment.”
The NSS did not nominate specific US agencies. However, the US Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA) can mount cyber attacks on other nation-states. Both entities have publicly adopted hawkish positions on China’s ability to disrupt critical US infrastructure via cyberattacks. MySecurityMedia has approached the NSA for comment on the matter.
While Western intelligence agencies usually point the finger at China for cyber misconduct, the Chinese Government this week used their announcement to highlight US intelligence activity and, in typically hyperbolic language, warned of a “US global system threatening world peace.”
The MSS acknowledged China was a cyber power. They also said China’s data output reached 8.1 zettabytes in 2022, the second largest in the world, and the country’s data storage capacity reached 724.5 exabytes, or 14.4% of the global processing volume.
But the MSS also said cyberattacks on Chinese infrastructure and key industrial entities were rising and attributable to various threat actors, including criminal groups, hackers, and nation-states.
The Chinese Government sent out Xiao this week as their industry expert. He listed multiple reasons why the US would target the earthquake center but suggested it was one element of a more nefarious project the US has underway.
“After many years of continuous tracking with relevant departments, we will soon publicly disclose a global reconnaissance system of the US government, which poses serious security threats to China’s national security and world peace,” said Xiao. “We must be highly vigilant and tightly guard against this.”