Chinese authorities have accused the United States’ National Security Agency (NSA) of orchestrating advanced cyberattacks targeting vital sectors during the Asian Winter Games held in February, with the alleged aim of destabilizing China’s critical infrastructure and stealing sensitive data.
According to police in Harbin, northeastern China, the NSA was behind cyber intrusions aimed at key industries such as energy, transportation, water resources, communications, and defense research institutions in Heilongjiang province. The cyber operations reportedly peaked around the start of the Winter Games, with the first major activity recorded during an ice hockey match on February 3.
State media further disclosed that three individuals—Katheryn A Wilson, Robert J Snelling, and Stephen W Johnson—have been identified as NSA agents involved in these attacks. They were added to a national wanted list for their alleged repeated cyber offensives against China’s information infrastructure, including operations directed at Huawei and other prominent enterprises.
Additionally, the report named the University of California and Virginia Tech as being linked to the incidents, though specific details regarding their involvement were not provided.
The attacks allegedly activated pre-installed backdoors in Microsoft Windows systems on targeted devices in Heilongjiang. To conceal their operations, the NSA is accused of purchasing IP addresses across multiple countries and renting numerous anonymous servers in Europe and Asia.
The cyberattacks reportedly aimed to disrupt event operations, steal personal data of athletes, and gain unauthorized access to sensitive systems, such as the Asian Winter Games’ registration platform, which contained identity-related information about participants.
This latest wave of accusations intensifies the already strained relations between the U.S. and China, who remain locked in an ongoing trade and technology standoff. Recent months have seen a rise in mutual cyber espionage claims, with Washington recently charging several alleged Chinese hackers for targeting U.S. defense and government institutions, as well as foreign ministries in Taiwan, India, Indonesia, and South Korea.
While the U.S. frequently accuses Chinese state-backed actors of cyberattacks, Beijing continues to deny any involvement and has, in recent years, begun to publicly accuse the United States of similar acts.
In December, Chinese authorities reported uncovering two U.S. cyber operations aimed at stealing trade secrets from local tech firms since May 2023, though the agency behind those incidents was not identified.
The U.S. Embassy in China has not yet issued a response regarding these latest allegations.
