China Accuses The US Of Spying On Huawei

The persistent and escalating argument between Washington and Beijing over technology and security issues has taken a new twist, with China accusing the US of hacking into the core servers of Chinese telecoms firm Huawei in in attempts to steal critical data. 

The charges of digital spying being made by China's Ministry of State Security (MSS) relate to events dating from 2009 and come at a time of increasing geopolitical tensions between the two countries.

In a message posted on WeChat, the Chinese government said US intelligence agencies have "done everything possible" to conduct surveillance, secret theft, and intrusions on many countries around the world, including China, using a "powerful cyber attack arsenal." Specifics about the alleged hacks were not shared. It focused on the US National Security Agency's (NSA) Computer Network Operations as having "repeatedly carried out systematic and platform-based attacks" against the country to plunder its "important data resources."

The post went on to claim that the cyber-warfare intelligence-gathering unit hacked Huawei's servers in 2009 and that it had carried out "tens of thousands of malicious network attacks" on domestic entities, including the Northwestern Polytechnical University.

A further allegation is that Washington has forced the implantation of backdoors into software and equipment produced by technology companies, enlisting the help of its global technology brands to monitor and steal data.

China's National Computer Virus Emergency Response Centre (NCVERC) is said to have isolated a spyware artifact known as 'Second Date' when dealing with an incident at the public research university that was allegedly developed by the NSA and stealthily implanted on "thousands of network devices in many countries around the world."

Details about Second Date were recently reported by South China Morning Post and China Daily, describing it as a cross-platform malware capable of monitoring and hijacking network traffic as well as injecting malicious code. Germany, Japan, South Korea, India, and Taiwan are believed to be some of the countries targeted by the spyware. "The US intelligence agency has used these large-scale weapons and equipment to carry out cyber attacks and cyber espionage operations for more than ten years against China, Russia and other 45 countries and regions around the world," MSS said, adding the attacks targeted telecom, scientific research, economy, energy and military sectors.

MSS also has said that the US has forced technology companies to install backdoors in their software and equipment to conduct cyber espionage and steal data and to track mobile phone users.

"It has long been an open secret that the United States has long relied on its technological advantages to conduct large-scale eavesdropping on countries around the world, including its allies, and carried out cyber theft activities," the MSS said, adding Russia, Iran, China, and North Korea are its main targets... At the same time, the United States is trying its best to portray itself as a cyber-attack victim, inciting and coercing other countries to join the so-called 'clean network' program under the banner of maintaining network security, in an attempt to eliminate Chinese companies from the international network market."

In July 2023, after Microsoft said that a China-linked espionage campaign had been mounted by an actor codenamed Storm-0558 targeting two dozen organisations in the US and Europe, China responded by calling the US "the world's biggest hacking empire and global cyber thief."

The Hacker News:     Weixin:     South China Morning Post:     China Daily:     The Times Of India:    

The Register:     Security Boulevard                                      Image; geralt

You Might Also Read: 

Spy Agencies Warn Of New Threats From Chinese Hackers:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« British Online Safety Bill Will Restrict Social Media
The US Security Standard For IoT Devices »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CyberSecurity Malaysia

CyberSecurity Malaysia

CyberSecurity Malaysia is the national cyber security specialist agency under the Ministry of Science, Technology and Innovation (MOSTI).

Azeti Networks

Azeti Networks

Azeti Networks is a global provider of IoT technology to a variety of verticals including telecomms, oil/gas, manufacturing, finance and healthcare.

National Cyber Security Centre (NCSC) - Ireland

National Cyber Security Centre (NCSC) - Ireland

The National Cyber Security Centre (NCSC) is the operational side of the Department of Communications in regard to network and information security in the Republic of Ireland.

Defendify

Defendify

We built Defendify to help small businesses navigate the cybersecurity landscape with cybersecurity that is dead simple, affordable, and works around the clock.

DigiSec360

DigiSec360

DigiSec360 is a technology firm focused on the human element of cybersecurity.

BigPanda

BigPanda

BigPanda is the first provider of Autonomous Operations solutions that empower IT Operations at large, complex enterprises.

Research Institute in Verified Trustworthy Software Systems (VeTSS)

Research Institute in Verified Trustworthy Software Systems (VeTSS)

The main purpose of VeTSS is to support program analysis, testing and verification, to achieve guarantees of software correctness, safety, and security.

Deduce

Deduce

Deduce use a combination of aggregate historical user data, identity risk intelligence, and proactive alerting to deliver a robust identity and authentication solution.

Mitnick Security

Mitnick Security

Mitnick Security is a leading global provider of information security consulting and training services.

MDSec

MDSec

MDSec is a consultancy with a passion for information security. Our consultants specialise in application, mobile and hardware security and targeted red team attacks.

National Security Services Group (NSSG)

National Security Services Group (NSSG)

National Security Services Group (NSSG) is Oman's leading and only proprietary Cybersecurity consultancy firm and Managed Security Services Provider.

AdvIntel

AdvIntel

AdvIntel is a next-generation threat prevention and loss prevention company launched by a team of certified investigators, reverse engineers, and security experts.

Persona

Persona

At Persona, we’re humanizing online identity by helping companies verify that their users are who they say they are.

Campus cyber

Campus cyber

A project initiated by the President of the Republic, the Cyber Campus is the totem site of cybersecurity that brings together the main national and international players in the field.

ECIT

ECIT

ECIT is your preferred provider of finance and IT services. We believe in the value of combining financial and IT services to streamline and improve the operation of your business.

Lakera

Lakera

Lakera empowers developers and organizations to build GenAI applications without worrying about AI security risks.