Chinese officials made the admission last year during a closed-door meeting at a Geneva summit in late 2024.

Archived

Original article behind paywall

Volt Typhoon has been responsible for intrusions into vital critical infrastructure both in the continental United States and its possessions through the Pacific.

The group has made transport hubs and water utilities a particular target, with the hackers so far not causing any disruption but rather prepositioning themselves ahead of any hostile action.

The admission of Chinese responsibility came during a secret meeting between outgoing Biden administration officials and Chinese representatives on the sidelines of a summit in Geneva in December 2024. According to two anonymous observers, The Wall Street Journal (WSJ) reported late last week that the Chinese attendants referred indirectly to the activity as being a warning for the US to stay away from any attempts to support or defend Taiwan.

According to the WSJ, the comments were “indirect and somewhat ambiguous”; however, US officials present felt the meaning was plain.

Speaking to Cyber Daily’s sister brand, Defence Connect, earlier this year, Adam Meyers, SVP of counter-adversary operations at CrowdStrike, said that Volt Typhoon’s activity was clearly aimed at disrupting any US action in the region.

  • randomname@scribe.disroot.orgEnglish
    6·
    8 days ago

    One of the more elaborated news on that topic:

    Chinese officials have implicitly acknowledged responsibility for a series of sophisticated cyber intrusions targeting critical U.S. infrastructure.

    During a high-level meeting in Geneva with American officials, representatives from China’s Ministry of Foreign Affairs indirectly linked years of computer network breaches at U.S. ports, water utilities, airports, and other critical targets to increasing U.S. policy support for Taiwan […]

    Wang Lei, a top cyber official with China’s Ministry of Foreign Affairs, made the comments after U.S. representatives emphasized that China appeared not to understand how dangerous prepositioning in civilian critical infrastructure was, and how such actions could be viewed as an act of war […]

    The admission is considered extraordinary, as Chinese officials have typically denied involvement in cyber operations, blamed criminal entities, or accused the U.S. of fabricating allegations.

    Dakota Cary, a China expert at cybersecurity firm SentinelOne, noted that such an acknowledgment, even indirectly, likely required instructions from the highest levels of President Xi Jinping’s government.

    Source

    [Edit to insert archived source link.]