For years, Beijing has been countering U.S. accusations of cyber spying. It usually goes like this: The U.S. or another country says China is hacking. They often don’t show much proof. China quickly says it’s not true and sometimes blames the U.S. instead.. In a recent example, the U.S. Director of the FBI testified before Congress about a Chinese cyber espionage campaign known as “Volt Typhoon.” The FBI claimed this campaign was embedding itself in U.S. critical infrastructure, waiting for the right moment to strike. China, unsurprisingly, denied these allegations, attributing them to cybercriminals rather than state actors.
The Question of Attribution and Role of Tech Giants
The U.S. government is not alone in its accusations. Tech giants like Microsoft and Google have also pointed to China as the source of the Volt Typhoon activity. However, while both companies have published extensive reports on the nature of the activity, their evidence linking it to the Chinese state remains light. The Volt Typhoon campaign, first observed in mid-2021, targets critical infrastructure globally, aiming to gain access and avoid detection. If true, this aligns with typical state-sponsored cyber espionage tactics. Yet, the lack of concrete proof leaves room for doubt.
The FISA Controversy and Its Implications
Shortly after the FBI director’s testimony, an Australian IT expert offered a different perspective. According to this expert, the timing of the testimony and the release of a Five Eyes advisory on Volt Typhoon coincided suspiciously with debates in Congress about renewing the Foreign Intelligence Surveillance Act (FISA). FISA, a controversial law, allows U.S. agencies to conduct surveillance without a warrant. The expert suggested that the FBI’s dire warnings were designed to instill fear and pressure lawmakers to renew FISA without significant changes.
Elevating the Chinese Cyber Threat: A Strategic Move?
The focus on China’s cyber activities comes at a curious time. While Russia is embroiled in a conflict with Ukraine, and tensions in the Middle East are rising, the FBI’s emphasis on China may be part of a broader strategy. For years, Chinese cyber operations have focused on stealing U.S. intellectual property and trade secrets. Despite these activities, the U.S. government has rarely taken strong action against China, leading the public to question whether these cyber threats are as serious as they seem.
A Distracted Government: Protecting Surveillance Powers Over Citizens’ Data
The FBI’s focus on Volt Typhoon comes as a massive data breach from National Public Data exposed millions of Americans’ personal information. This raises concerns about the government’s priorities. While lawmakers debate FISA, which allows for extensive government surveillance, there seems to be less urgency in protecting citizens’ data. More than 353 million people were impacted by more than 3,200 data breaches in 2023 alone. Where is the outcry in Congress about protecting personal data?
The Bigger Picture: Geopolitics, Cyber Espionage, and Public Trust
Cyber espionage and geopolitics are interconnected. Governments use cyber espionage to gain a strategic advantage. By stealing sensitive information or positioning themselves for future cyber attacks. But these accusations of cyber espionage can also serve a broader geopolitical goal. Such as discouraging the use of foreign technology or justifying domestic surveillance measures.
In this context, the narrative around Volt Typhoon seems less about proving China’s guilt and more about achieving specific objectives. These include justifying the renewal of FISA, elevating the perceived threat from China, and influencing global technology choices.
Ultimately, the focus on Chinese cyber threats and the renewal of FISA highlights a troubling trend. While the government insists on the need for surveillance to protect national security, it has a track record of overreach and abuse. The public has every right to demand more transparency and accountability from those in power. After all, in a democracy, trust is earned, not given.