The NSA has been at the forefront of the U.S.'s overseas intel operations, carrying out covert missions that also involve cyber-attacks against many countries, including friends and foes. [Photo/CGTN]
Editor's note: CGTN's First Voice provides instant commentary on breaking stories. The daily column clarifies emerging issues and better defines the news agenda, offering a Chinese perspective on the latest global events.
This U.S. intelligence organization calls itself the National Security Agency, aka NSA, but ironically their twisted understanding of "national security" hinges on snooping on and attacking other nations – not just the ones they perceive as enemies or adversaries but also those they proclaim to be their friends and allies – and in the process themselves becoming a predominant global security threat.
Over the years, the NSA has been at the forefront of the U.S.'s overseas intel operations, carrying out covert missions that also involve cyber-attacks against many countries, including friends and foes. Hence the latest report from China implicating the notorious U.S. agency in a series of cyber offenses against one of its top technology institutions hardly comes as surprising.
The new investigative report published on Tuesday by China's National Computer Virus Emergency Response Center in collaboration with internet security company 360 establishes the NSA's footprints behind "thousands of cyber-attacks" against China's Northwestern Polytechnical University (NPU) and discloses details of specific incidents.
The investigation was initiated after the university – well-known for its aviation, aerospace and navigation studies – in northwest China's Shaanxi Province on June 22, raised an alarm claiming overseas hackers were found sending phishing emails with Trojan horse programs to its teachers and students, attempting to steal their data and personal information.
Over the following weeks, the probe discovered that those attacks originated from the NSA-affiliated cyber warfare intelligence agency, known as the Office of Tailored Access Operation (TAO). The report further detailed how TAO controlled key infrastructure facilities in China and infiltrated the NPU's internal network by using servers in countries such as the Netherlands and Denmark to host cyber weapons through stepping-stone attacks via Japan, Germany, the Republic of Korea and other countries.
The report claimed TAO used 41 types of cyber weapons in its attacks against the Chinese university. Among these, 16 are identical to the TAO's weapons that have been exposed by the hacker group "Shadow Brokers," and 23 share a 97 percent genetic similarity with those deployed by TAO. The remaining two types need to be used in conjunction with other cyber-attack weapons of TAO, the report said, adding that the homology of the weapons suggests they all belong to TAO.
As part of the operation, NSA was able to steal sensitive data and information of Chinese individuals with "sensitive identities." However, in the process, the cyber-attacks also exposed their own technical loopholes and operational missteps. The technical analysis found that the cyber attackers' working time, language and behavior habits, and operation miss have also exposed their links with TAO, the report said, adding that the true identities of 13 attackers have been firmly established.
This was the third investigation report released this month on NSA's malicious cyber-attacks on NPU and unearthed irrefutable evidence of such provocative covert missions against China by the U.S. agency.
More intriguingly, the report also revealed that the U.S. secretly controlled or compromised the telecom carriers of at least 80 countries and conducted indiscriminate wiretapping and data theft against global telecom users, reinforcing Washington's reputation as the single largest serial aggressor in cyber-attacks worldwide.
Earlier this year, China had exposed an NSA spy tool deployed to steal sensitive information from computers worldwide. China's National Computer Virus Emergency Response Center in March detected the NSA Trojan horse spyware named "NOPEN" that was found to have controlled global internet equipment and stole a large volume of users' information.
China has repeatedly demanded an explanation from the U.S. over such blatant violations while calling for an immediate halt to such illegal and indiscriminate actions through various channels. So far, however, the U.S. has chosen to remain silent on the matter.
"The U.S. could not have been more bombastic and motivated when propagating the lies about 'Chinese hackers,' yet it has deliberately chosen to be blind and mute in the face of the solid evidence collected by the Chinese institution," Chinese Foreign Ministry Spokesperson Wang Wenbin told reporters at a press conference in Beijing on Wednesday, responding to a question on the latest exposé. "What exactly is the U.S. hiding from the world?" he asked.
The U.S. has long been known as the empire of hacking and champion of secrets theft. With its absolute dominance in the field of Internet technology, the U.S. has exercised indiscriminate cyber control and theft on a global scale to benefit itself politically, militarily, diplomatically and commercially. The U.S.'s bullying practices in cyberspace have become a growing concern shared across the international community.
There is now copious evidence that the U.S. remains the greatest threat to, not just China's, but global cyber security. In their own interest and to create a peaceful, secure, open and cooperative cyberspace, all countries must unite and rise against the U.S.'s hegemonic subversion of international norms, which is significantly damaging cyber sovereignty.