BEIJING: The purpose of claiming “Volt Typhoon”, a hacking organization, as a China-sponsored group by US politicians, intelligence community and companies is to hype the “China threat theory” and cheat funding from the US Congress and taxpayers, according to a latest report from China’s National Computer Virus Emergency Response Center.
In February, a US congressional committee held a hearing on the so-called “cyber threat” from China, claiming a Chinese state-sponsored hacking organization “Volt Typhoon” launched a series of activities affecting networks across US critical infrastructure sectors.
The allegation originated from a joint advisory by the cybersecurity authorities of the United States and its “Five Eyes” allies. The advisory was issued based on a report released by US company Microsoft. However, neither the advisory nor the report provided a detailed analytical process for source tracing of the cyberattacks. They jumped to the conclusion that “Volt Typhoon” was a state-sponsored cyber actor in China, the report said.
Meanwhile, analysis by Chinese technical teams have shown that the malicious activity samples of “Volt Typhoon” do not show clear behavioral features of state-backed hackers. On the contrary, the hacking organization has more correlation with ransomware group or other cybercriminals, so claiming “Volt Typhoon” is China-backed based on these ambiguous factors is groundless, it added.
According to the report, multiple cybersecurity authorities of US made the fiction up together just to receive more money from congress. Meanwhile, Microsoft and other US cybersecurity companies have backed the campaign to help them win more big contracts from US cybersecurity authorities.
‘Volt Typhoon’ false narrative to smear China
In February, a U.S. congressional committee held a hearing on the so-called “cyber threat” from China, claiming a Chinese state-sponsored hacking organization, dubbed “Volt Typhoon,” launched a cluster of activities affecting networks across U.S. critical infrastructure sectors.
The allegation originated from a joint advisory by the cybersecurity authorities of the United States and its “Five Eyes” allies. The advisory was issued based on a report released by U.S. company Microsoft.
However, neither the advisory nor the report provided a detailed analytical process for source tracing of the cyber attacks. They jumped to the conclusion that “Volt Typhoon” was a state-sponsored cyber actor in China.
Subsequent analysis by Chinese technical teams revealed that the malicious activity samples of “Volt Typhoon” do not show clear behavioral features of state-backed hackers. On the contrary, they showed strong relevance to cyber crime rings. Claiming “Volt Typhoon” is China-backed based on these ambiguous factors is groundless.
By hyping up the “Volt Typhoon” false narrative, certain U.S. politicians pushed for an increase in cybersecurity investment by the U.S. Congress and certain companies have benefited from winning cybersecurity contracts.
The U.S. move to use cyber attack source-tracing as a political stunt and a pretext to gain self-interests reveals its hysterical and unscrupulous policy toward China. The collusion among U.S. politicians, intelligence community and companies is revealed too.
These will result in nothing but damaging the order of global cyberspace, China-U.S. relations and the reputation of the U.S. government in the international arena.
