In December 2024, during a secret meeting in Geneva, Chinese officials admitted to conducting cyberattacks against US infrastructure. The meeting involved members of the outgoing Biden administration, who were reportedly shocked by the admission. Chinese officials’ remarks were vague and indirect, but the American delegation believed the attacks were part of China’s response to US support for Taiwan. The attacks, known as Volt Typhoon, were seen as an attempt to deter US involvement in a potential conflict with China.
The Volt Typhoon campaign, which targeted US infrastructure, used zero-day vulnerabilities and other advanced techniques. The attacks targeted critical sectors, including communications, energy, transportation, and government services. The attackers reportedly gained access to the US electric grid for over 300 days in 2023. The breaches raised serious concerns about China’s ability to spy on the US and potentially cause disruptions in vital systems.
In addition to Volt Typhoon, the meeting also addressed another cyberattack campaign known as Salt Typhoon.
This campaign targeted major US telecom firms and resulted in the compromise of communications, including phone calls and text messages of senior officials. While the Volt Typhoon campaign is considered an unacceptable provocation by the US, the Salt Typhoon attack is viewed as more akin to cyberespionage, which the US itself conducts against adversaries.
Both China and the US have increasingly accused each other of cyberattacks in recent years. These public accusations have contributed to rising tensions between the two nations. Despite the revelations at the Geneva summit, the US has continued to grapple with the growing threat of cyberattacks from China and other adversaries.
Reference:
