In recent years, the U.S. has often wielded the big stick of public opinion, posing as the victim and accusing other nations of launching cyberattacks. Yet at the same time, it has not ceased to conduct its own global cyberattacks, and seriously threatens the cybersecurity of every country.
Recently, a network security company counted 178 overseas hacker groups that it has tracked over time and that have launched cyberattacks on critical and sensitive entities in China. Of these, 67 IP addresses, numeric designations that identify the location on the internet, traced the source of these attacks to the U.S, amounting to 37.6% of the hacker groups. Some groups launched attacks against more than 8,600 hosts in China for more than a month, with targets including a number of government agencies, enterprises and other organizations. Domestic network security company Hangzhou Anheng Information Technology Co. Ltd. has conducted analyses of the IP assets used in advanced attacks that were discovered and disclosed globally in 2020 and found that about 30% originated from the U.S., meaning proportionally the U.S. ranks “at the top of the list.”
In March 2020, domestic cybersecurity company Qihoo 360 disclosed that CIA-backed hacker group APT-C-39 had been conducting cyberattacks against China for 11 years, since 2008. The targets of the attacks were mainly Chinese government departments and scientific research institutions involving several important industry sectors such as aviation, petroleum and internet companies.
As the country that is in charge of the PRISM program, the U.S. has been engaged in the world’s largest cyberattack and covert operation for years, not even sparing its own allies.* In February 2020, it was revealed that since the 1970s, the CIA and Germany’s Federal Intelligence Service had secretly been controlling Swiss encryption device manufacturers Crypto and Omnisec to conduct surveillance activities in many countries around the world. Research suggests that in the 1980s, about 40% of diplomatic cables and other information analyzed by the National Security Agency came from devices made by Crypto. In addition, the foreign media have reported that the U.S.-dominated Five Eyes intelligence alliance of Western nations planted a backdoor program called Regin on Russia’s largest search engine website Yandex in 2018, stealing technical information and monitoring user activity. According to Edward Snowden, the person behind “PRISM-gate,” Regin was developed and deployed by the NSA. British and U.S. intelligence agencies are alleged to have used the program to carry out cyberattacks against Belgacom, a Belgian telecommunications company. These scandals are once again ironclad proof that the U.S. indiscriminately steals intelligence from other countries through technological backdoors.
Recently, a Google research team found that within a 9-month period, a hacker organization had exploited at least 11 zero-day vulnerabilities to carry out cyberattacks. When it was subsequently revealed that the group had a connection to Western government, the U.S. media argued that the group was conducting counterterrorism operations under democratic oversight. This kind of rhetoric completely exposes a persistent U.S. double standard: making baselessly accusing other countries of launching cyberattacks, when its own camp is caught with solid evidence, and then immediately throwing on the cloak of democracy.
All these facts prove that the U.S. is the world’s largest cyberattacker and intelligence thief. It is truly the No. 1 “Matrix.” No matter how much you dress something up or forcibly whitewash it, a lie repeated a thousand times can never become the truth. The United States should immediately stop pretending black is white and return the world to a truly secure cyberspace.
*Editor’s note: PRISM is a code name for a program under which the U.S. National Security Agency collects internet communications from various U.S. internet companies.