In the last few years, Chinese companies have released several reports accusing U.S. agencies of cyberattacks on Chinese infrastructure. Although China has long released data on the numbers of U.S. hacking attempts, detailed reports were not a common occurrence. Recent reports indicate that Beijing is intensifying its efforts at narrative-building by focusing on malicious cyber activities of the United States.
Over the years, various institutes and state-affiliated bodies in the U.S. have exposed China’s cyber espionage activities in the U.S. and in other countries. For example, Mandiant, a U.S.-based cybersecurity firm, has released multiple reports detailing Chinese cyberattacks in the United States. Moreover, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) publishes reports on “Chinese Malicious Cyber Activity.” The United States also holds publicly broadcasted testimony sessions exploring China’s cyber activities and threats. These reports and testimonies have taken discourse on China’s cyber activities to a global audience, making everyone aware of possible cyber threats arising out of China.
Chinese companies, security experts, and leaders believe that these allegations of Chinese cyberattacks are attempts to malign China. For example, the state-owned Global Times quoted views expressed by Chinese companies and experts that these were U.S. attempts to malign China. Similarly, an article published by the China Institute of International Studies (CIIS) in 2020 also called out the United States for “hypocrisy in cybersecurity” after the 2020 Qihoo 360 report.
As a result, many Chinese experts and leaders had called for China to issue similar reports exposing U.S. cyberattacks in China. For example, just a few days before Pangu Lab released its report on U.S. cyber espionage, Hu Xijin, the former editor-in-chief of Global Times, lamented on his personal WeChat blog that from time to time foreign organizations and individuals claim they have been the victim of cyberattacks from China, while China has nothing but dry numbers of U.S. cyberattacks on China.
Another point of frustration was the Chinese government’s silence or lack of coherent response to the U.S. allegations of Chinese state-sponsored cyberattacks. This seems to be changing slowly. In 2020, the Foreign Ministry had renounced the U.S. as a “hacker empire.” The recent media briefings of the ministry have highlighted the reports released by Chinese security companies, and the state-sponsored propaganda machinery is also doing the same.
Moreover, the Foreign Ministry is also releasing the separate remarks for its spokesperson on U.S. cyberattacks. The ministry has released separate spokesperson’s remarks highlighting the findings from all three reports by Qihoo 360, the report from the National Computer Network Emergency Response Technical Team (CNCERT), and the report from Qi An Pangu Lab, respectively. This is Beijing’s new strategy for responding to Washington.
China’s messaging is not aimed only at the U.S., however, but at a broader global audience. Leveraging such reports, Beijing is highlighting that the United States’ cyberattacks threaten even U.S. allies. This was evident from Wang Wenbin’s statement on March 24, where he emphasized: “As we can see from exposed operations such as ‘Dirtbox’, ‘PRISM’, ‘Irritant Horn’ and ‘Telescreen’, the US doesn’t even spare its allies and partners in its global cyber-surveillance and attacks.”
Moreover, the Pangu Lab report was available in Mandarin and English, listing all the other countries NSA has allegedly penetrated. This list included targets from India, the U.K., Australia, Japan, and many other countries, thus highlighting that U.S. partners were also victims of malicious cyber activities.
As both countries lock horns on a range of issues from technology to diplomacy, such narrative-building efforts are likely to intensify further. Until now, Chinese malicious activities in cyberspace have received the bulk of the attention. Now Beijing is attempting to balance the scale.