China Accuses CIA of Hacking Beijing for Over a Decade

China has repeated claims that a CIA group had hacked its key industries for over a decade, just one day after a U.S.-led coalition rebuked Beijing over alleged state-sponsored cyberattacks on Microsoft.

Chinese Foreign Ministry spokesperson Zhao Lijian said charges that its Ministry of State Security had sanctioned contract hackers to conduct cyber operations around the world were "unwarranted" and a "political smear."

The allegations put forward by the U.S. and its allies—including NATO, the European Union, Five Eyes and Japan—lacked evidence, he told reporters at a daily press briefing in Beijing on Tuesday.

Washington should be "especially careful when linking cyberattacks to a national government," he said. "China firmly rejects and condemns any form of cyberattack," Zhao continued, adding that China would not "encourage, support or condone" hacking.

The Chinese official called the U.S. the "world's largest source of cyberattacks," before appearing to accuse the U.S. of similar charges by citing a report claiming the CIA was behind 11 years of hacking Beijing's critical industries.

China Spokesperson Hits Back At Cyber Charges
File photo: China's Foreign Ministry spokesperson Zhao Lijian. GREG BAKER/AFP via Getty Images

Data by China's national cyber emergency response team showed 52,000 malicious programs originating from outside China had hacked 5.31 million Chinese computers in 2020, Zhao said, claiming the U.S. and NATO countries were among the top three sources.

He then referenced a March 2020 report by Chinese internet security company Qihoo 360, which claimed the CIA had "long targeted specific industries and departments" in China.

Zhao said the report named "American CIA hacking group APT-C-39" as having "infiltrated and attacked China's key sectors such as aerospace, scientific research institutions, the oil industry, major internet companies and government agencies for as long as 11 years."

The attacks "seriously undermined China's national and economic security, as well as that of key infrastructure and the public's personal data," he added, without elaborating whether the similar activity was ongoing.

Zhao's reference to the Qihoo 360 report was a relitigation of the same allegations he made against the U.S. on October 21 last year, after the NSA had accused China of state-sponsored malicious cyber activity.

Monday's rare collective condemnation of Beijing's cyberattacks claimed its state security organ was using "criminal contract hackers to conduct unsanctioned cyber operations globally, including for their own personal profit," according to a briefing by a Biden administration official.

"Their operations include criminal activities, such as cyber-enabled extortion, crypto-jacking, and theft from victims around the world for financial gain," the official said.

The coalition's joint response blamed China for the hack of Microsoft Exchange services earlier this year. Contract hackers exploited vulnerabilities before Microsoft released its security updates to compromise computers and networks worldwide "in a massive operation that resulted in significant remediation costs for its mostly private sector victims," a White House statement said.

"The United States has long been concerned about the People's Republic of China's (PRC) irresponsible and destabilizing behavior in cyberspace," it noted.

"Today, the United States and our allies and partners are exposing further details of the PRC's pattern of malicious cyber activity and taking further action to counter it, as it poses a major threat to U.S. and allies' economic and national security," it added.

It is unclear whether the Biden administration plans to sanction relevant Chinese officials over the alleged cyberattacks in the future.