In the world of international espionage, it’s impossible to know with 100% certainty what the truth is. But the war of accusations between Chinese and US intelligence agencies has taken on a new tone, and signals that critical infrastructure companies should anticipate more cyber attacks from advanced state-backed sources going forward.
Tit-for-tat accusations of cyber attacks likely fueled by Taiwan tensions
After US officials took to the media to accuse China’s intelligence agencies of using state-backed hacking teams to seed malware throughout military systems, the Chinese government has fired back with claims of the US operating an illegal global reconnaissance system that relies on computer intrusions.
The event that prompted this latest development is China’s claim of a cyber attack on the Wuhan Earthquake Monitoring Center, which it says is the responsibility of the US due to an identifiable type of backdoor malware left behind. China’s National Computer Virus Emergency Response Center (CVERC) has yet to provide further evidence, but has promised a report on the alleged US reconnaissance network to come in the near future.
This sort of talk is not entirely new for China, which regularly denies US-attributed cyber attacks and claims that assorted intelligence agencies are attempting to smear it. But it has been unusually aggressive as of late in attributing specific incidents to the US, and this one appears to be a direct response to US claims of Chinese meddling in US critical infrastructure.
CVERC already published something similar in May of this year, but the report was essentially an overview of the “Vault 7” leaks that have been available since 2017, and it may have been intended for a domestic audience rather than as a serious case that international law was violated. Roughly a year ago, the Chinese government also accused the NSA of hacking a technical university in Xi’an that is known for military research.
Intelligence agencies show greater interest in disrupting critical infrastructure
The general public still has no way of knowing exactly how accurate these reports of cyber attacks on critical infrastructure are. Nevertheless, it is reasonable to expect that advanced hackers backed by intelligence agencies are interested in access to these systems, and that they may attempt disruptions in the event of a military conflict.
There is not much in the way of international law that applies to espionage. The US and China signed a “no hack” pact in 2015, but at this point neither side seems to be honoring it. An attack on critical infrastructure could very well be seen as an act of war and an actual violation of law, but thus far no such attacks have been linked to state-backed hackers or intelligence agencies.
It remains to be seen if China will claim that the US actually damaged its earthquake monitoring system in Wuhan. If it did, and that can be proven, it could represent a new level of escalation. In the meantime, critical infrastructure companies (and their suppliers) are well advised to expect increased attention from some of the world’s best hackers.