A deliberate and coordinated campaign: The NCVERC report revealed that between January 26 and February 14, 2025, the Games’ information systems were struck by 270,167 attacks from abroad, with activity peaking on February 8, the day after the event’s formal opening. Of these, 170,864 attacks (63.24%) originated from US-based IP addresses.The cyber onslaught primarily targeted the event’s Information Service System, Arrival and Departure Management System, and Charging Card System. Attacks included arbitrary file read vulnerabilities, SQL injection, and spoofed HTTP headers, as well as mass port scans and vulnerability exploitation, the report stated.Chinese authorities alleged in the NCVERC report that the perpetrators used cloud-based hosts from providers like Digital Ocean to obscure their origins, and the report claims that servers in Europe and Asia were leveraged to launch the attacks under the cloak of anonymity.
Academic connection: The Xinhua report specifically mentioned Chinese telecommunications giant Huawei as a target, stating that investigations revealed “the three NSA operatives had repeatedly launched cyberattacks against China’s critical information infrastructure and participated in cyber operations targeting companies such as Huawei.”In an unusual twist, Chinese authorities also implicated US universities in the alleged campaign.”Technical teams also uncovered evidence implicating the University of California and Virginia Tech in the coordinated cyber campaign against the Asian Winter Games,” according to Xinhua.NCVERC’s report claimed their attribution analysis linked the attacks to the US government based on TTPs (tactics, techniques, and procedures), timeline, timezone, language patterns, and other behavioral characteristics.”During the hosting of large-scale international sports events in China, foreign hostile forces spare no effort to destroy and interfere with the normal operation of the sports events through cyberattacks, and even try to create chaos and steal sensitive information,” the report added.Officials added they would submit “details and artifacts of these attacks” to public security authorities for further investigation.
Ongoing cyber tensions: The accusations represent the latest development in the long-running digital conflict between China and the United States, where both nations routinely accuse each other of cyber espionage.US intelligence agencies consistently attribute major breaches to Chinese state-backed hackers, like APT40 and Volt Typhoon, responsible for campaigns against Western government, telecom, and tech sectors. The NSA, the University of California and Virginia Tech have not responded to queries on these accusations.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/3962756/china-alleges-us-cyber-espionage-during-the-asian-winter-games-names-3-nsa-agents.html
