BEIJING – China accused a United States spy agency of hacking a government-funded university with aeronautics and space research programmes, in Beijing’s latest effort to his back at Washington’s complaints of cybersnooping.
The National Security Agency’s (NSA) Office of Tailored Access Operations carried out the attacks on Northwestern Polytechnical University in Xi’an, according to China’s National Computer Virus Emergency Response Centre.
A team from the centre and 360 Security Technology analysed the university’s information systems after it reported an attack from overseas in June, the statement added.
The NSA also conducted more than 10,000 “vicious” cyber attacks on Chinese targets in recent years, collecting more than 140 gigabytes of data of “great value,” it said.
Beijing and Washington have been engaged in an increasingly testy war of words over cyber spying, with China becoming more direct in naming American government agencies in its accusations.
The US for its part has sought to draw a distinction between operations it conducts for national security purposes and the industrial espionage it has accused China of waging against American companies.
Federal Bureau of Investigation director Christopher Wray warned Western companies in July that China aims to “ransack” their intellectual property so it can eventually dominate key industries.
Both countries previously agreed to not condone cybertheft of intellectual property or trade secrets during Chinese President Xi Jinping’s state visit to Washington in 2015.
Ms Samantha Hoffman, a senior analyst at the Australian Strategic Policy Institute, said there has been an uptick in specific Chinese accusations of US cyberattacks and that the US should respond with specific details of Chinese actors engaged in espionage.
“The US and allies need to focus on explaining why China’s activity in this space is abnormal – beyond what most intelligence agencies do,” she said. “Of course, China is likely to continue responding with similar accusations, which may or not be factual.”
China has, in the past, typically responded to such criticisms by saying it is a victim of hacking, calling the US an “empire of hackers” and pointing to Edward Snowden’s revelations almost a decade ago about US espionage.
Among those were claims that the NSA had hacked into the computers of Tsinghua University, one of the China’s top research centres.
More recently, Beijing has shifted its strategy by directly accusing the US of cyber attacks and naming targets.
In February, Chinese cyber security firm Pangu Lab said it discovered US-sponsored hacking activity in China: malware in domestic IT systems it claims was created by hacking group Equation, “generally believed” to be linked to the NSA.
The shift has been an effort to increase public awareness of US activities and to regain the diplomatic initiative globally from the US and its allies, which have for many years accused China of attacks, said Mr Greg Austin, an expert in Chinese cyberactivities at the Singapore-based International Institute for Strategic Studies.
“It’s a change of direction and probably about almost 10 years overdue,” he said. “The disparity between what the United States government and its allies have released on China and what China has released on American and ally attacks is massive. We knew almost nothing from Chinese officials on the scale of American attacks.”
At the same time, the US and its allies have escalated their investments in espionage and surveillance on China and Russia, he said.
State broadcaster China Central Television and other major state media outlets reported on the alleged hacks at Northwestern Polytechnical University, which is affiliated with the Ministry of Industry and Information Technology and runs research programmes in aeronautics, astronautics and marine technology engineering.
The Communist Party’s Global Times newspaper also tweeted about the report and put it on its Weibo social media account.
The news was the top trending topic on Weibo on Monday, attracting 210 million views.
Police in Xi’an said in a statement in June that the university reported it had detected phishing e-mails that posed a “serious security threat” to critical databases. BLOOMBERG