AN investigative report entitled “Volt Typhoon III Report Exposes US Cyber Forces Operations,” published in China Daily on Oct. 14, 2024, reveals alleged extensive cyber operations by US intelligence agencies, including the National Security Agency (NSA), which disguise their activities as foreign actors, notably China, to conduct espionage and cyberattacks on a global scale. In particular, the report describes “Volt Typhoon” as a campaign wrongly attributed to China by US agencies to target critical US infrastructure, possibly to justify further congressional funding and bolster US cyber capabilities.
The NSA reportedly exploits its advanced tech industry and global internet infrastructure dominance, employing methods like “supply chain attacks” that plant backdoor malware in IT products, allowing them to monitor the telecom and internet activity of high-value targets. Investigative evidence from Chinese teams found overlapping IP addresses with nonaffiliated ransomware groups, questioning the authenticity of the US narrative.
This report was jointly issued by China’s National Computer Virus Emergency Response Center and the National Engineering Laboratory for Computer Virus Prevention Technology, critiquing the US for leveraging “Five Eyes” allies, namely the United States, the United Kingdom, Australia, Canada and New Zealand, and corporate partners like Microsoft, to amplify these claims without transparent proof.
Salient points
The following are salient points of the report:
1. Disguised cyber operations: US intelligence agencies, particularly the NSA, allegedly disguise their cyber activities as those of foreign actors, especially China, conducting espionage and cyberattacks globally.
2. Volt Typhoon narrative: The US labeled “Volt Typhoon” as a Chinese cyberthreat, supposedly targeting critical US infrastructure. However, the report suggests this was a strategic narrative to gain congressional support and expand US cyber capabilities.
3. Global surveillance infrastructure: The NSA reportedly controls access points along major submarine cables worldwide, inspecting data traffic across the Atlantic and Pacific, enabling comprehensive monitoring.
4. Supply chain attacks: Using its tech industry dominance, the NSA allegedly intercepts US-made network products, installs malware and repackages them to monitor telecom operators in target countries.
5. Real-time surveillance: Such tactics allow the NSA to monitor internet and phone communications in real time, with an example involving an attack on China’s Northwestern Polytechnical University.
6. Coordination with allies and corporations: US agencies, with “Five Eyes” allies and companies like Microsoft, promoted the “Volt Typhoon” narrative without substantiating evidence to bolster national cybersecurity funding.
Implications
The implications of these alleged US cyber operations are significant, touching on global cybersecurity, international trust and diplomatic stability. If US intelligence agencies are indeed disguising cyberattacks as those of other nations — particularly China — this tactic could intensify international cyber tensions and prompt targeted states to retaliate, potentially sparking a cycle of escalating cyber hostilities. Such actions threaten to destabilize global peace efforts and risk creating a climate of mutual suspicion among nations. Also, these alleged operations could accelerate moves toward “digital sovereignty,” where nations prioritize self-developed or trusted regional tech over global standards. This shift could fragment the current interconnected internet structure as diverse, competing infrastructures emerge in a bid to protect national data and security.
Another key repercussion is the intensification of global surveillance concerns. Control over submarine cables and telecom networks suggests an almost limitless surveillance reach, raising serious privacy and sovereignty issues. Nations, corporations and individuals may respond by imposing stricter data protection policies or avoiding vulnerable systems, which could fragment global data flows and hinder cross-border digital collaboration.
Moreover, these alleged US cyber activities significantly threaten the integrity of international cyber norms. If confirmed, they could fundamentally weaken the principles of responsible state conduct in cyberspace, making it harder to establish a cooperative governance framework. Such actions set a troubling precedent, signaling to other nations that aggressive and covert tactics are acceptable, even if they violate existing cyber agreements. This shift could lead to a destabilized cyberspace where traditional rules are disregarded, mutual restraint breaks down, and a climate of unchecked competition and mistrust prevails. The consequences are a fragmented, volatile digital environment and challenging efforts to build a secure, transparent, cooperative global internet.
Likewise, these alleged US cyber activities risk undermining international cybersecurity cooperation, as accusations of disguised operations breed mutual suspicion, hindering initiatives like intelligence sharing against common threats. Diplomatic relations could also suffer, especially with nations targeted or falsely implicated, leading to pushback and potential countermeasures, particularly from rivals like China. The fallout may intensify calls for “digital sovereignty” as countries seek to secure their own data infrastructure, fragmenting global internet systems and reducing reliance on US tech. Economically, the alleged US cyber activities could not only damage American tech firms, prompting them to adopt more transparent practices to regain trust but also set a dangerous precedent that could inspire other countries to adopt similar tactics, leading to widespread distrust in tech products globally.
Furthermore, the alleged US cyber activities in the report raise critical ethical, legal and strategic issues. By masking their operations as foreign, particularly Chinese, the US risks undermining cyberspace accountability, fostering false narratives that could provoke retaliatory actions against uninvolved nations and destabilize global security. Such activities may also infringe on national sovereignty, as targeting critical infrastructure like telecoms and universities in other states could be seen as aggressive, violating the principles of international law and noninterference. In addition, intercepting global communications through strategic choke points constitutes a profound invasion of privacy with serious human rights implications. Mass surveillance at this level could breach the privacy rights of individuals, organizations and governments worldwide, prompting global backlash and potentially spurring stricter data protection laws that further fragment the digital landscape.
Conclusion
In essence, if accurate, these alleged US cyber activities threaten to erode global trust in both the US and its technology sector, potentially weakening international cybersecurity cooperation and setting a destabilizing precedent for covert cyber tactics. Such actions could strain existing alliances, provoke retaliatory cyber actions and heighten global tensions in cyberspace. As a result, countries may prioritize cybersecurity and digital sovereignty, accelerating a shift toward a more fragmented, less interconnected digital landscape. This could fundamentally alter the open nature of the global internet, undermining collaborative efforts and increasing the risk of isolated, competitive digital ecosystems.
Source: The Manila Times
https://www.manilatimes.net/2024/11/02/opinion/columns/privacy-trust-and-us-cyber-strategy/1996117
