China on Sunday described the United States as a “hacker empire” and “the biggest source of chaos in cyberspace” and accused the National Security Agency (NSA) of carrying out a “planned” cyberattack targeting the National Time Service Center (NTSC).
The Ministry of State Security (MSS) said in a post on WeChat that it had found “irrefutable evidence” of its involvement in the intrusion dating back to March 25, 2022. It added that the attack was ultimately thwarted.
NTSC was established in 1966 under the jurisdiction of the Chinese Academy of Sciences (CAS) and is responsible for generating, maintaining, and transmitting National Standard Time (Beijing Time).
“Cyberattacks that damage these facilities will endanger the safe and stable operation of ‘Beijing Time’ and cause serious consequences such as network communication failures, financial system disruptions, power supply disruptions, transportation paralysis, and space launch failures,” MSS said.
“This operation thwarted the United States’ attempts to steal secrets and sabotage through cyberattacks, and fully protected the security of ‘Beijing Time.’
According to details shared in a WeChat post, the NSA allegedly exploited a security flaw in an unnamed foreign brand’s SMS service to secretly compromise mobile devices belonging to several NTSC personnel, resulting in the theft of sensitive data. The nature of the vulnerability used in the attack was not disclosed.
On April 18 of the following year, MSS claimed that the agency repeatedly used stolen login credentials to break into the center’s computers, probe its infrastructure, and then deploy a new “cyberwarfare platform” between August 2023 and June 2024.
The platform launched what it called 42 specialized tools to launch powerful attacks that targeted multiple internal network systems at NTSC. The attack also included attempts to move laterally to disrupt high-precision ground-based timing systems.
The attack was launched between midnight and early morning Beijing time and used virtual private servers (VPS) based in the United States, Europe, and Asia to route malicious traffic and hide its origin.
“They employed tactics such as forging digital certificates to evade antivirus software and employing high-strength encryption algorithms to thoroughly erase any trace of their attacks, leaving no stone unturned in carrying out their cyber-attacks and intrusion activities,” MSS said.
The ministry said Chinese national security authorities neutralized the attack and implemented additional security measures. It also accused the United States of carrying out persistent cyberattacks against China, Southeast Asia, Europe, and South America, adding that it used technological footholds in the Philippines, Japan, and China’s Taiwanese province to launch these operations and obscure its own involvement.
“At the same time, the United States has resorted to crying wolf, repeatedly exaggerating the ‘Chinese cyber threat theory,’ coercing other countries to escalate the so-called ‘Chinese hacking incident,’ sanctioning Chinese companies, and prosecuting Chinese nationals, all in a futile attempt to confuse the public and distort the truth.”
Source link
