The China Cybersecurity Industry Alliance released a report entitled "U.S. Threats and Sabotage to the Security and Development of Global Cyberspace" on Sunday. It employs empirical analysis to closely track the specific actions of the United States that threaten and undermine global cyberspace security and development, exposing the hegemony and bullying behavior of the U.S. in cyberspace.
The following is the full text of the Report:
U.S. Threats and Sabotage to the Security and Development of Global Cyberspace
Preface
Cyberspace is the home of mankind. But to maintain hegemony, the U.S. abuses its IT and resource advantages and extended hegemony to the cyberspace. It conducts cyber espionage and theft, shapes and manipulates public opinion, breaks rules and seeks decoupling and disrupts supply chains. It has been the biggest cyber attacker, cyber weapon maker, and cyber order breaker in the world. It is seriously threatening the development and security of the global cyberspace, the peace and stability of the world, and the civilization and progress of human society.
1. Infiltrating and subverting foreign governments via the Internet
The U.S. uses the Internet as a subversion instrument. Against the target countries, it performs ideological infiltration and control, spreads fake news, smears their governments, incites the people, misleads public opinion, interferes with their internal affairs and subverts their state power via the Internet.
Since 2003, many abnormal regime changes have happened in the Eurasian region. As shown in Georgia’s “Rose Revolution”, Ukraine’s “Orange Revolution” and Kyrgyzstan’s “Tulip Revolution”, protests and riots happened in elections and evolved into overall political crises. Dubbed as the “second CIA”, the National Endowment for Democracy (NED) is long funded by Congress and the White House. On March 29th, 2022, Damon Wilson, president and CEO of NED, acknowledged the U.S. had planned “color revolutions” in the region via the Internet.
In 2011, the so-called “Arab Spring” originated from Tunisia, overwhelmed West Asia and North Africa, and caused social turmoil, tens of thousands of casualties and a loss of one trillion dollars. Based on Twitter, Facebook and other social media, the U.S. shaped public opinion, incited people, and advocated Western values. It incited people to take to the streets to trigger social turmoil and regime changes. On February 25th, 2022, the former U.S. Secretary of State Hillary Clinton acknowledged that “We did some of that in the Arab Spring” in an interview with MSNBC when talking about interfering with other countries via the Internet.
In August, 2022, Stanford Internet Observatory and the research company Graphika jointly published a report Unheard Voice: Evaluating five years of pro-Western covert influence operations. The report showed popular social media outlets like Twitter, Meta and Instagram had a number of interconnected sham accounts funded by the U.S. government. The accounts used deceptive tactics to cover covert campaigns for almost five years to support the U.S. and its allies and oppose countries including Russia, China and Iran.
2. Performing indiscriminate cyber surveillance and espionage
The U.S. takes “national interests” as an excuse, and abuses its IT and industrial advantages to spy on the world in cyberspace massively, systemically and indiscriminately. From civilians to national leaders, politicians to international organizations, diplomatic missions to firms, no one can be exempt from the U.S. intelligence agencies even including the U.S. allies. The U.S. data theft has breached global Internet users’ privacy, trampled on human rights and infringed upon the sovereignty of other countries.
In 2007, the National Security Agency(NSA) started a top-secret surveillance program PRISM to monitor global communication, including that of the U.S. citizens, from the servers of nine such Internet giants as Google, Facebook and AOL. In June, 2013, the former defense employee and subcontractor Edward Snowden disclosed to The Guardian and The Washington Post secret files of PRISM. The files showed the U.S. government had been tracking real time data including emails, live chats, videos, audios, files and photos and monitoring everything about the targets. On June 7th, 2013, the then U.S. President Obama acknowledged the program. The Washington Post later noted that the NSA’s surveillance was covert and might be illegal.
In 2015, WikiLeaks published that the U.S. spied on 35 Japanese targets including Japanese cabinet members and Mitsubishi. In February, 2020, The Washington Post, ZDF and SRF published a joint investigation report and revealed the CIA and the German Federal Intelligence Service used a Swiss communications encryption firm Crypto AG to spy on governments and firms by covertly controlling Crypto’s encryption products sold to 120 countries.
In May, 2021, DR reported the NSA and the Danish Intelligence Service wiretapped leaders of EU countries including then German Chancellor Angela Merkel. On May 31st, 2021, President Macron and Chancellor Merkel attended a virtual Franco-German Council of Ministers meeting and requested the U.S. and Denmark to explain. “This is unacceptable among allies”, said President Macron.
In early April, 2023, The Washington Post and many media outlets reported a leak of many U.S. military intelligence documents on the Ukraine crisis. The leaked documents showed the U.S. eavesdropped on the UN Secretary-General Guterres and leaders of other countries such as the Republic of Korea and Israel. On April 18th, UN spokesman Stephane Dujarric said the UN had officially expressed to the U.S. its concern on the above mentioned media reports.
3. Attacking and deterring other countries in the cyberspace
Based on its cyber advantages, the U.S. uses cyber deterrence as a major instrument of its hegemony. Cyber deterrence is increasingly becoming its preference in international relations. The U.S. frequently attacks other countries in cyberspace, uses cyberspace as a main battlefield of a new Cold War, and adopts a “defend forward” tactic based on all its state power including politics, economy, diplomacy and the military. In particular, the U.S. takes civilian critical infrastructure cyber attacks as a new method to maintain hegemony and achieve political, economic and military objectives. This greatly harms the security, development and social stability of other countries.
In December 2010, the Stuxnet virus was used to attacked the Iranian Natanz Nuclear Power Plant. It destroyed a number of centrifuges and delayed related nuclear projects. On June 1st, 2012, New York Times reported Stuxnet originated from a program “Olympic Games” of the U.S. government around 2006. This was the first cyber weapon attack in the real world. The U.S. was so excited to find the cyber warfare cost much lower than the traditional warfare that it soon established cyber forces. It has been the initiator and source of global cyber warfare.
“Equation Group” is a cyberattack group with notorious track records. But the U.S. supports it in cyber attacks globally. On August 13th, 2016, a famous hacking group “The Shadow Brokers” revealed in social media that the leaked data showed the “Equation Group” had hit over 45 countries in over ten years. The attack manual and string of malware program were exactly the same with those of PRISM. The evidence indicated the link between the “Equation Group” and the U.S. NSA.
In 2018, the U.S. published the DoD Cyber Strategy, which initiated the “hunt forward” principle of cyber warfare, and extended its cyber defense line to other countries. In the mid of October, 2022, the U.S. Cyber Command (CYBERCOM) published policy documents on cyber warfare. Based on the documents, the objective of the U.S. cyber operations was to “own the domain”; the U.S. cyber forces put critical infrastructure as legitimate targets during times of cyber conflicts; and pursued preemptive strike as an offensive strategy. This showed the U.S. militaristic ambition to seek hegemony in cyberspace. Since 2018, CYBERCOM has conducted over 40 operations in over 20 countries including Estonia, Lithuania and Ukraine. It used the so-called “situational awareness” and the “defend forward” methods to uncover, locate and expose adversaries’ cyber operations to conduct cyber deterrence and strikes. In December, 2022, French COMCYBER commander Aymeric Bonnemaison told the parliament that the U.S. CYBERCOM’s hunt forward operations in Europe were “quite aggressive”. Hunt forward operations were only excuses of the U.S. cyber espionage and attacks and had made its European allies very uneasy.
On June 1st, 2022, Sky News reported that Paul Nakasone, Commander of U.S. CYBERCOM and Director of National Security Agency, acknowledged in an interview that in December, 2021, the U.S. sent a cyber force to Ukraine and stayed there for about three months. In the Ukraine crisis, the U.S. also “conducted a series of operations across the full spectrum; offensive, defensive, [and] information operations.” This was the first time that a senior U.S. official confirmed the U.S. cyber attacks against another country.
On September 5th, 2022, China’s National Computer Virus Emergency Response Center and Qihoo 360 Technology Co., Ltd. published a Report on the Cyber Attacks of NSA on China’s Northwester Polytechnical University (NPU). The report showed NPU’s network had been repeatedly attacked by overseas hackers attributed to Office of Tailored Access Operation(TAO) under NSA for years. TAO infiltrated and controlled NPU’s critical information infrastructure with over 41 dedicated cyber weapons to steal key network equipment configuration, network management data, and operation and maintenance data.
On July, 26th, 2023, Wuhan Municipal Emergency Management Bureau published a statement that CVERC and Qihoo 360 detected a cyber attack from overseas organization on its earthquake monitoring center. Some front-end station collection points of earthquake reporting data had been implanted with backdoor programs. The media later reported that the recent investigation found very complex backdoor malware that fit the characteristics of U.S. intelligence agencies. This was the latest example of the U.S. cyber attack on China’s critical Chinese infrastructure with a clear military reconnaissance purpose.
4. Triggering a cyber arms race
The U.S. is the culprit of cyber arms race. It viewed cyberspace as a new battlefield, introduced new combat concepts, and conspired to dominate this new battlefield. Early in 2009, the U.S. founded the first cyber command in the world and continued to strengthen cyber forces. It had built dozens of large intelligence-gathering systems and developed a huge armory of cyber weapons. Instigated by the U.S., its allies soon followed suit and the cyber arms race is getting white-hot globally.
By 2015, the U.S. had developed over 2,000 cyber weapons including worms, Trojans, logic bombs and trapdoors. EternalBlue was a tool accidentally leaked from the NSA’s cyber armory. It was later changed into the WannaCry virus. On May 12th, 2017, the WannaCry ransomware attack erupted, hit about 300,000 computers in over 150 countries, and caused a loss of up to 8 billion dollars.
On August 18th, 2017, CYBERCOM was elevated to the U.S. 10th combatant command as equal to the U.S. Central Command. Until September, 2018, the U.S. Cyber Mission Force(CMF) had had 133 cyber teams, including 13 Cyber National Mission Teams, 68 Cyber Protection Teams, 27 Cyber Combat Mission Teams and 25 Combat Support Teams.
5. Abusing political measures to disrupt the global industry and supply chain
The U.S. government uses political security and ideology as an excuse, overstretches the “national security” concept and hypes up the “China threat narrative”. It ignores China’s adherence to the independent foreign policy of peace over the decades, smears China’s great contribution to the global cyberspace and voice of justice, and forces its allies to take sides. It ignores the international order after WW2, the basic principles of cyberspace, and the UN consensus on “developing and implementing globally interoperable common rules and standards for supply-chain security”. It abuses its export control measures, oppresses foreign firms or entities with political, economic and financial measures, and creates “exclusive small cliques”. It has disrupted global trade, violated market laws, undermined market rules and trade order, and destabilized global industry and supply chain.
The U.S. Department of Commerce has put a number of firms and entities on the “Entity List” of export control and caused chaos in the global supply chain. Taking China as an example, more than 1400 Chinese entities were on the list spanning industries including telecommunication, finance, and transportation before September, 2023. The list included technology firms like Huawei and SMIC, and research and education entities like Harbin Institute of Technology and the Institute of Computing Technology of Chinese Academy of Sciences.
In May, 2019, the U.S. gathered 32 countries for the “Prague 5G Security Conference” in Czech Republic, jointly published the “Prague Proposals”, and conspired to ban China’s 5G products from the policy, security, technological and economic aspects. The U.S. also pressed European, Asian and African countries to ban Huawei’s 5G products. Globally, many media and industrial experts argued that banning Chinese companies from 5G was an embarrassing request against global digitalization and its future development.
In September, 2021, the U.S. used “increasing supply chain transparency” as an excuse and forced hundreds of major firms throughout the semiconductor supply chain including Apple, Microsoft, Intel, TSMC and Samsung to submit their confidential information including customer information, sales data, chip inventories and expansion plans. The request put their confidential corporate information at the risk of leakage, cut their advantages in price negotiations with the U.S. firms, eroded the trust and confidence of global customers and undermined the semiconductor supply chain in the world.
In August, 2022, U.S. President Biden signed the CHIPS and Science Act and forced international firms to side with the U.S.. Based on the Act, the U.S. government requested foreign firms like TSMC and Samsung who would benefit from the American chip industry subsidies to set up chip plants in the U.S.. In this way, the U.S. could dominate the industry chain of high-end chips and harass the chip industry of other countries.
In April, 2024, U.S. President Biden signed a package of “Foreign aid bills”, which included forcing ByteDance to divest its TikTok U.S. business within nine months, or it would banned in United States. This regulation fully reflects the United States’ double standard to maintain its cyber hegemony of controlling and manipulating international public opinion platforms. On one hand, it advocates freedom and democracy internationally while selling social media platforms it controls to nearly all countries worldwide. On the other hand, it broadens the notion of national security, exploiting legal measures for coercive and predatory actions.
6. Sabotaging cyberspace rules and order
The U.S. deems itself the “leader” of cyberspace and makes most of the defects of cyberspace like unsound regulations and imbalanced development to strengthen its “superpower hegemony”. It puts its own interests over the interests of the world and puts the global cyberspace into a “security dilemma”, “promise-breaking deadlock” and “trust-breaching panic”.
On September 23rd, 2019, the U.S. and another 27 countries published a Joint Statement on Advancing Responsible State Behavior in Cyberspace. This statement distorted and tampered with the framework of responsible state behavior and deviated from the consensus the U.S. and its cohorts had agreed with. This fully illustrated the U.S. all-time principle of applying international law in a selective and utilitarian way. The U.S. deliberately ignored the aspiration of the international society to build a “peaceful cyberspace” and divided the cyberspace into “peacetime” and non-peacetime. Its intention was to legalize its offensive military operations in cyberspace and make the cyberspace a new battlefield. Such behavior maliciously aggravated cyber conflict risks among countries and was detrimental to cyberspace peace and security.
On April 28th, 2022, the U.S. gathered over 50 countries and jointly published a Declaration for the Future of the Internet. It openly affirmed “to promote and sustain an Internet that is global and interoperable”. In reality, it discarded multilateral platforms like the UN, created “small cliques” based on ideology, and undermined the international order and rules with “gang rules” of blocs. The so-called declaration was a latest example of U.S. intention to divide the cyberspace and trigger cyber confrontation.
Conclusion
Cyberspace is a shared space of mankind. Every country has shared interest and future in cyberspace, and aspires to a peaceful, secure, open, cooperative and orderly cyberspace. But the U.S. recklessly maintains its cyber hegemony, pursues “absolute security” of itself at the cost of other countries, and even pursues a way of undermining and splitting the cyberspace. The U.S. vicious deeds impede global digitalization, run against the history, and must be denounced by the world. For the interest of mankind, governments of conscience, firms, social organizations, scholars and netizens aspiring to fairness, justice and freedom should strengthen dialogues and cooperation, promote development, maintain security, pursue joint governance and shared benefits, build a community with a shared future in cyberspace, and work for a brighter future for mankind.
京公网安备 11010202009201号