China calls the US an ‘empire of hacking’ following NSA advisory accusing Chinese hackers of exploiting cybersecurity bugs
- The NSA published a list of 25 common software vulnerabilities that it says Chinese state-backed hackers could use to access sensitive data
- China’s Ministry of Foreign Affairs hit back, calling the accusations ironic and citing the Prism surveillance programme
“It is indeed ironic news that the US National Security Agency, as the main implementer of the Prism programme and the world’s largest cyber espionage agency, publicly accuses other countries of cyber espionage,” Zhao said.
Prism was one of the surveillance programmes leaked by Snowden, exposing how the NSA collected internet communications from technology companies like Google, Facebook and Microsoft. Zhao also accused the US of occupying a leading position in software and hardware, giving the country a “natural advantage” in exploiting vulnerabilities.
The NSA advisory, published on Tuesday, details 25 cyber vulnerabilities that have been “recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors”. The list includes vulnerabilities that are already publicly known, such as bugs in software like Microsoft Corp.’s Windows or Citrix Systems, and they are directly accessible from the internet.
The report recommends that US government officials protect their systems against these common vulnerabilities that state-backed hackers could use to steal intellectual property and economic, political, and military information.
The advisory joins a similar report from the US Cybersecurity and Infrastructure Security Agency. The report published by CISA in September notes that hackers affiliated with China’s Ministry of State Security are using readily available exploits to target US government agency networks.
The NSA report says China-backed actors are using the same process for planning to exploit a computer network as “any sophisticated cyber actor”, starting with identifying the target.
