Report says US fabricated 'Volt Typhoon' for funding

A report released on Monday by China's National Computer Virus Emergency Response Center asserts that United States government agencies orchestrated and hyped up the "Volt Typhoon" cyberthreat narrative to secure additional funding from the US Congress and to bolster the cyber-infiltration capabilities of US intelligence agencies.

According to the report, US government agencies are the "masterminds" behind the "Volt Typhoon "plan, with intelligence agencies taking charge of specific planning and execution. Members of the anti-China faction in the US Congress, various executive units of the US federal government, and cybersecurity agencies from countries within the Five Eyes security alliance were involved in the scheme.

Their primary objective was to advocate extending the authorization of Section 702 of the US Foreign Intelligence Surveillance Act, a law permitting surveillance without warrant, and to request approval by the US Congress of increased funding, the report said.

On Jan 31, a US congressional committee held a hearing on the so-called cyberthreat from China, claiming that a "Chinese state-sponsored "hacking organization referred to as "Volt Typhoon" launched a series of activities affecting networks across critical US infrastructure sectors.

The accusation stemmed from a joint advisory issued by authorities in the US, the United Kingdom, Australia, Canada and New Zealand.

In April, the virus emergency response center released a report unveiling the true origins of the "Volt Typhoon" scheme. Recently, a joint technical team meticulously analyzed data from various sources and reconstructed the narrative of this anti-China smear campaign based on the latest investigative findings.

By scrutinizing reports from US institutions, actions taken by US government departments, and statements made by key US political figures, the team identified contradictions in the so-called evidence and related statements provided by the US.

The team highlighted three major points of suspicion: the US instructing relevant companies to alter already published reports; inconsistencies among US officials and cybersecurity companies regarding the supposed "Volt Typhoon" attacks; and contradictory actions by US cybersecurity authorities.

The smear campaign, initiated in early 2023 or possibly earlier, was divided into three phases. Its goals included securing congressional approval for a larger budget allocation; extending Section 702 of the US Foreign Intelligence Surveillance Act, which could enhance its intelligence agencies' cyber-infiltration capabilities, especially external attacks and deterrence against competitors; and internal surveillance and control over the populace, according to the report.

From January to May 2023, the focus was on fabricating allegations of a "Chinese state-sponsored" hacker organization attacking US cyberspace. The subsequent phases, from June 2023 to January 2024, aimed to ensure the extension of Section 702 and secure an increased budget for the 2025 fiscal year.

During the second phase, many US companies hyped the "Volt Typhoon "issue, further fueling the "China threat theory" and resulting in the authorization period for Section 702 being extended to April 19 this year, far short of expectations, the report said.

From February to April 2024, US intelligence agencies continued to portray "Volt Typhoon" as a Chinese cybersecurity threat, again using the Five Eyes intelligence cooperation mechanism to create a favorable public opinion atmosphere for the renewal of Section 702.

On April 19, the US Senate extended the act, allowing US intelligence agencies to keep their power with higher budgets, and expanded the scope of surveillance over the next two years.

Chinese Foreign Ministry spokesman Lin Jian said at a news conference on Monday that the latest report has further exposed that "Volt Typhoon" is merely a farce of media manipulation.

The US has not provided an explanation for the April report, and the director of the US National Security Agency continues to disseminate false information about "Volt Typhoon", Lin said.

He emphasized that China strongly condemns the irresponsible actions of the US and urges it to offer an explanation, immediately halt the slander and defamation against China and adopt a responsible approach to uphold peace and security in cyberspace.

The report said that from May 2023 to January this year, US government-backed hacking organizations carried out over 45 million cyberattacks against Chinese government entities, academies, scientific research institutes, enterprises and critical infrastructure, all of which were authorized by Section 702.

The report underscored the threats posed by Section 702 to US citizens and countries worldwide in terms of individual privacy and state sovereignty. It called on governments and people around the world to firmly oppose the actions of US government agencies that exploit cyber technology to infringe on the sovereignty and legitimate interests of other nations.