Chinese official avows Beijing is behind cyberattacks on US, identifies motive: Report

U.S. officials and tech companies have long understood that the communist regime in Beijing has orchestrated numerous significant cyberattacks on American institutions and critical infrastructure. In a secret December meeting, Chinese officials apparently admitted as much and identified a major reason for doing so: America's continued support for the island nation of Taiwan.

A pair of anonymous sources said to be familiar with the matter told the Wall Street Journal that Chinese officials met with elements of the outgoing Biden administration during a December summit in Geneva that was led by Nate Fick, the State Department's then-ambassador at large for cyberspace and digital policy.

Whereas previously, China has played off Volt Typhoon — its hacker outfit tasked with espionage and information gathering — as a criminal crew of rogue hackers or the product of Western fantasy, the Chinese delegation apparently acknowledged that it was indeed a state-backed enterprise.

According to Microsoft, Volt Typhoon has pursued "development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises."

Blaze News previously reported that Volt Typhoon — distinct from Salt Typhoon, the Chinese state-sponsored hacker group that recently compromised at least eight American telecommunications companies, enabling Beijing to spy on the Trump and Harris presidential campaigns — has hit critical infrastructure in Guam and other American regions, affecting communications, manufacturing, transportation, government, maritime, and other sectors.

The U.S. National Security Agency, the U.S. Cybersecurity and Infrastructure Security Agency, the FBI, and various allied cybersecurity agencies in the Anglosphere issued a joint advisory in 2023 highlighting "a recently discovered cluster of activity of interest" associated with the group. In their advisory, the cybersecurity groups noted that "one of [Volt Typhoon's] primary tactics, techniques, and procedures (TTPs) is living off the land, which uses built-in network administration tools to perform their objectives."

The New York Times reported at the time that while the Volt Typhoon attacks on the U.S. presently amount to a likely espionage campaign, "the Chinese could use the code, which is designed to pierce firewalls, to enable destructive attacks, if they choose."

In January 2024, the Department of Justice announced that it had disrupted certain efforts by Volt Typhoon to "target America's critical infrastructure using a botnet."

Former FBI Director Christopher Wray noted, "Volt Typhoon malware enabled China to hide as they targeted our communications, energy, transportation, and water sectors."

According to current and former U.S. officials, Wang Lei, a senior cyber official with China's ministry of foreign affairs, not only acknowledged the infrastructure hacks at the December 2024 summit but indicated that they were executed in response to the American military's backing of Taiwan.

Wang's comments were reportedly in response to American officials' suggestion that China's prepositioning in civilian infrastructure could be viewed as an act of war.

U.S. officials told the Journal that while the Chinese delegates at the summit did not explicitly state that Beijing was directly responsible for the group and its actions, "American officials present and others later briefed on the meeting perceived the comments as confirmation of Beijing's role and was intended to scare the U.S. from involving itself if a conflict erupts in the Taiwan Strait."

Dakota Cary, a China expert at the cybersecurity firm SentinelOne, told the Wall Street Journal that an official such as Wang would acknowledge the cyberattacks only if told to do so by Xi Jinping's regime and that doing so would likely serve to signal to the inbound Trump administration the stakes of America's involvement with Taiwan.

The State Department did not comment on the December meeting but told the Wall Street Journal that the Trump administration has made clear to Beijing that it will "take actions in response to Chinese malicious cyber activity."

The Chinese embassy in Washington apparently accused the U.S. of "using cybersecurity to smear and slander China" and spreading so-called disinformation.

Like Blaze News? Bypass the censors, sign up for our newsletters, and get stories like this direct to your inbox. Sign up here!