US remains ‘silent’ on US firm’s disclosure of revised evidence after China’s ‘Volt Typhoon’ truth revealed

Cartoon: GT

After China released an investigation report on Typhoon Volt, the US asked relevant companies to change the content of the report it had previously released, in order to cover up the evidence, without considering the traces left by the operation, the Global Times learned on Sunday. However, the US Embassy in China and the relevant companies remained silent when the Global Times contacted them for comment.

On May 24, 2023, cybersecurity authorities from the Five Eyes countries—the United States, the United Kingdom, Australia, Canada, and New Zealand—issued a joint cybersecurity advisory, saying they had discovered a cluster of activities of interest associated with a “Chinese state-sponsored cyber actor,” known as Volt Typhoon, and these activities “have impacted networks in critical infrastructure sectors of the United States.”

In response, China’s National Computer Virus Emergency Response Center (CVERC), National Engineering Laboratory for Computer Virus Prevention Technology, and 360 Digital Security Group conducted a joint investigation, and further analysis revealed that Volt Typhoon had more correlation with ransomware groups and other cybercriminals.

After the release of the investigation report on the “Volt Typhoon” in April this year, the Chinese joint investigation team has continued to follow the actions and intentions of the United States in creating the false narrative about the “Volt Typhoon”.

“We conducted a verification analysis based on the indicators of compromise (IoC) of the so-called ‘Volt Typhoon’ organization in the US, and found that this organization is closely related to a ransomware criminal group called Dark Power disclosed by ThreatMon, a US cybersecurity vendor,” a CVERC researcher told the Global Times on Sunday.

The report directly quotes the content of the ThreatMon report and discloses the associated IP address information hidden behind the back cover image. The researcher said that after the investigation report was released, the US side asked ThreatMon to openly modify the content of the report, the entire report was expanded from 17 pages to 20 pages, but the crucial evidence of the associated IP address, which was originally behind the back cover image, is now nowhere to be found.

The Global Times sent an email to the US Embassy in China to ask for its views on the contents revealed in the report. The US Embassy in China did not respond and remained silent as of press time.

After CVERC released a report on April 15 exposing the false “Volt Typhoon” narrative, the US Embassy in China and Microsoft, contacted by the Global Times for comment, did not respond as of press time.

At a press conference on Monday, Lin Jian, a spokesperson for China’s Foreign Ministry, said the latest report further revealed that this disinformation campaign is designed by the NSA, FBI and other members of the U.S. intelligence community with the participation of China hawks in Congress and several federal agencies as well as cybersecurity agencies of other Five Eye countries, and is aimed at manipulating public opinion.

To this day, the US still owes us an explanation after the previous report was released, and the head of the US NSA continues to spread disinformation about the “Volt Typhoon,” Lin said.

Worse yet, the latest report reveals that the U.S. government pressured a cybersecurity firm to rewrite its technological analysis proving that “Volt Typhoon” is a ransomware group. It’s a clumsy cover-up tactic that clearly hasn’t worked and won’t work, Lin said.

He stressed that China strongly condemns the irresponsible behavior of the US. The US must always be held accountable to us and must immediately stop smearing and smearing China. We urge the US to act responsibly and contribute to peace and security in cyberspace.

ThreatMon did not respond to Global Times inquiries regarding the review and modification of the report as of press time.

Zhuo Hua, an international affairs expert at the School of International Relations at Beijing Foreign Studies University, told the Global Times on Monday that “the new report more comprehensively exposes the US intentions and operational process to frame China. China has mastered a complete chain of evidence, sufficient to prove that the so-called ‘Typhoon Volt’ is orchestrated by US intelligence agencies. Technically, it is self-produced and self-sold, and politically, it is a self-directed and self-acted international false narrative, which can be fully defined as a cognitive domain operation against China.”

“In the realm of international cybersecurity, the United States is the least qualified to point the finger, because it has no national credibility in this area. Over the past two decades, the world has watched the United States fabricate false intelligence to start wars. Its intelligence agencies conduct indiscriminate cyber espionage and surveillance on countries, including its allies, deploy cyber weapons, and cripple other countries’ critical infrastructure with real APT attacks. The United States is the primary threat that backs cyberattacks with national power.”

“Since China released the relevant investigation report in April, the United States has failed to respond, precisely because the facts revealed by China and the actions of the United States in international cyberspace have left the United States unable to respond,” Zhuo said.

“Another alarming trend is that behind the hype around the “Volt Typhoon,” we clearly see the motivation of intelligence agencies to expand their powers, interest groups to squeeze Chinese companies out of the U.S. infrastructure market, and anti-China politicians to emphasize “national security.” This tacit understanding, even collusion, between various sectors—government, business, and finance—exploits the U.S. strategy to contain China to gain domestic political and economic advantages. Once this atmosphere is created, the U.S. will undoubtedly concoct more incidents in the future, harming China’s interests and China-U.S. relations.”