Cyber Espionage Campaign

China's Ministry of State Security (MSS) has accused the U.S. of breaking into Huawei's servers, stealing critical data, and implanting backdoors since 2009, amid mounting geopolitical tensions between the two countries.

In a message posted on WeChat, the government authority said U.S. intelligence agencies have "done everything possible" to conduct surveillance, secret theft, and intrusions on many countries around the world, including China, using a "powerful cyber attack arsenal." Specifics about the alleged hacks were not shared.

It explicitly singled out the U.S. National Security Agency's (NSA) Computer Network Operations (formerly the Office of Tailored Access Operations or TAO) as having "repeatedly carried out systematic and platform-based attacks" against the country to plunder its "important data resources."

The post went on to claim that the cyber-warfare intelligence-gathering unit hacked Huawei's servers in 2009 and that it had carried out "tens of thousands of malicious network attacks" on domestic entities, including the Northwestern Polytechnical University, to siphon sensitive data, an allegation that was first leveled by China in September 2022.


Further, China's National Computer Virus Emergency Response Centre (NCVERC) is said to have isolated a spyware artifact dubbed Second Date when dealing with an incident at the public research university that's purportedly developed by the NSA and run stealthily on "thousands of network devices in many countries around the world."

Details about Second Date were previously reported by South China Morning Post and China Daily last week, describing it as a cross-platform malware capable of monitoring and hijacking network traffic as well as injecting malicious code. Germany, Japan, South Korea, India, and Taiwan are believed to be some of the countries targeted by the spyware.

"The U.S. intelligence agency has used these large-scale weapons and equipment to carry out cyber attacks and cyber espionage operations for more than ten years against China, Russia and other 45 countries and regions around the world," MSS said, adding the attacks targeted telecom, scientific research, economy, energy and military sectors.

MSS also claimed that the U.S. has forced technology companies to install backdoors in their software and equipment to conduct cyber espionage and steal data, citing examples of companies such as X-Mode Social and Anomaly Six, which have demonstrated abilities to track the mobile phones of users.

"It has long been an open secret that the United States has long relied on its technological advantages to conduct large-scale eavesdropping on countries around the world, including its allies, and carried out cyber theft activities," the MSS said, adding Russia, Iran, China, and North Korea are its main targets.

"At the same time, the United States is trying its best to portray itself as a cyber-attack victim, inciting and coercing other countries to join the so-called 'clean network' program under the banner of maintaining network security, in an attempt to eliminate Chinese companies from the international network market."

In July 2023, after Microsoft disclosed a China-linked espionage campaign mounted by an actor codenamed Storm-0558 targeting two dozen organizations in the U.S. and Europe, China responded by calling the U.S. "the world's biggest hacking empire and global cyber thief."

The MSS made its WeChat debut on August 1, 2023, emphasizing the need to boost counter-espionage efforts and encourage citizens to report suspicious activity as well as be rewarded and protected for their contributions.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.