Cybersecurity NewsNews

China Tries Playing Card: Position Self as a Victim of US Cyberattack


For over two years, China has been endeavoring to depict the United States as engaging in the same type of cyber espionage and intrusion activities as it has been accused of carrying out in recent years.

A recent analysis of Beijing’s assertions by researchers at SentinelOne revealed that most of these claims lack substantiation, often relying on previously leaked U.S. intelligence and devoid of any technical evidence. Nonetheless, the Chinese government persists in its misinformation campaign, aiming to deflect attention from its own hacking endeavors, according to SentinelOne.

“China seeks to alter global public opinion regarding Chinese hacking,” states Dakota Cary, a strategic advisory consultant at SentinelOne. “China seeks to portray itself as the target of U.S. hacking operations and to depict the U.S. as the perpetrator of hacking activities.”

Thus far, the campaign has achieved some limited success, with China’s allegations finding their way into Western media outlets like Reuters, Cary notes. Meanwhile, the SentinelOne report emerges against a backdrop of heightened concern in the U.S. about China’s covert and persistent intrusion campaigns targeting critical U.S. infrastructure by threat groups such as Volt Typhoon.

China Releases Report on U.S. Hacking Activities

China’s retaliatory efforts against the U.S. include coordination among certain cybersecurity firms in the country to release reports detailing U.S. hacking activities, subsequently amplifying their impact through government agencies and state media.

Since the beginning of 2022, Chinese state media outlets have been disseminating English-language versions of cyber threat intelligence reports from Chinese security firms. SentinelOne discovered that the English-language Global Times, a publication generally reflecting the official views of the Chinese Communist Party, mentioned NSA-related hacking tools and operations 24 times in 2022, compared to just twice in the preceding year.

In 2023, the publication ran a series of articles alleging U.S. intelligence agencies’ involvement in hacking seismic sensors at the Wuhan Earthquake Monitoring Center. These articles purportedly relied on a report from Chinese cybersecurity firm Qihoo360 and another Chinese government entity. Additionally, in April of the same year, China’s cybersecurity industry alliance published a report detailing over a decade of research on U.S. cyberattacks, including the Stuxnet campaign targeting Iran’s Natanz nuclear facility.