In March 2024, the United States government and its Five Eyes allies issued dire warnings about a Chinese state-sponsored hacking group known as “Volt Typhoon.” They alleged a shadowy entity had compromised thousands of devices worldwide to target critical infrastructure in Western nations.
FBI Director Christopher Wray described Volt Typhoon as “the defining threat of our generation” and warned they could aim to “disrupt our military’s ability to mobilise” in a conflict over Taiwan.
However, the timing the announcement suggested otherwise, that the “Volt Typhoon” threat was mostly a work of fiction, crafted by U.S. intelligence agencies to win public support and pressure policymakers to allow the extension of invasive U.S. surveillance powers.
The timing of the Volt Typhoon announcement coincided with the debates over the FISA Section 702 reauthorisation. The actual goal of the announcement more to influence the debate in favour of preserving surveillance powers; as the U.S. Congress deliberated renewing the controversial Section 702 of the Foreign Intelligence Surveillance Act (FISA). This provision allows U.S. agencies to collect data on foreign targets without warrants, inevitably capturing the communications of millions of American citizens. As the expiration of Section 702 loomed, Western media outlets began amplifying claims from the FBI and NSA about an imminent Chinese hacking threat, spinning tales of Volt Typhoon infiltrating critical infrastructure. The message was clear: renew broad spying powers or leave the nation vulnerable to a devious Chinese plot.
Upon closer examination, the U.S. government’s narrative about Volt Typhoon quickly unravelled. They alleged the group had been active since mid-2021, yet no concrete evidence was produced to substantiate this claim. The technical details provided were vague and could apply to numerous other hacking groups. Moreover, the Western cybersecurity firms promoting the Volt Typhoon theory, such as ThreatMon and Trellix, have long-standing ties to the U.S. intelligence community and stood to benefit from the extension. Significantly, the names Volt Typhoon, Vanguard Panda, and Bronze Silhouette are actually assigned by Western cybersecurity Firms as much as to identify modes of attack rather than “hacking groups”. These companies lent credibility to the government’s narrative but subsequently, when pressed for hard proof linking Volt Typhoon to China, failed to produce anything convincing, according to many experts.
According to the Chinese government, America is the world’s preeminent hacking superpower. Section 702, the very provision the Volt Typhoon tale was designed to protect, provides the legal basis for the U.S. to conduct massive surveillance and hacking operations globally.
China’s national cybersecurity department, in its rebuttal, noted that from May 2023 to July 2024, U.S. government-linked hackers launched over 45 million cyberattacks against Chinese entities, implicating the CIA, NSA, and FBI in a systematic campaign to infiltrate and undermine Chinese networks.
Information in the public arena supports the Chinese claim that the U.S. has constructed a formidable “hacker empire,” using its technological prowess to spy on adversaries and allies alike.
Edward Snowden and Julian Assange both provided significant insights into the scale and scope of U.S.-sponsored cyber espionage against Russia and China.
Snowden’s leaks revealed the NSA’s extensive surveillance program, aggressive cyberwarfare activity, and hacking of Chinese universities and hospitals.
Assange’s WikiLeaks disclosed U.S. espionage against world leaders, corruption, and U.S. involvement in cyber warfare against China, including stealing secrets and intellectual property.
Combined, the material revealed that the U.S. has been involved in extensive surveillance and hacking activities against Russia and China, targeting government, military, and civilian infrastructure for the purpose of gathering intelligence, stealing secrets, and gaining strategic advantages.
Critics might argue that China’s cybersecurity practices justify Western scrutiny and defensive measures. However, from a Chinese perspective, the continuous portrayal of China as a cyber threat by Western media is misleading and dangerous. Chinese policy papers suggest this narrative is used to justify the aggressive cyber espionage tactics employed by the United States. The accusations against China serve as a smokescreen to divert attention away from the extensive and unparalleled global surveillance apparatus of the hegemon.
China has consistently advocated for a multilateral, transparent, and fair global internet governance system. The focus on cyber sovereignty, as emphasised in China’s Five-Year Plans, is about ensuring the internet is governed in a manner that respects the sovereignty of all nations, promoting peace and stability in cyberspace.
Accusations and fear mongering by the U.S. and its allies should be seen in a critical light.
Ultimately they serve to undermine cooperation and escalate tensions unnecessarily.
The Volt Typhoon saga demonstrates how the U.S. government exploits fear and misinformation to advance its agenda, and in this particular case, of conjuring a phantom menace to further justify the erosion of civil liberties. If we are to be responsible global citizens, we must demand facts, not fear mongering.
China has been transparent in refuting the baseless Volt Typhoon allegations, while the U.S. has failed to provide credible evidence to support its claims.
Rather than repeat the folly of the Cold War with an Arms race in cyberspace, it is imperative to approach cybersecurity with a balanced view, recognising that the real threats to global cyber stability often come from those accusing others of misdeeds.
That Australian-US cooperation in Quantum Computing has been sold on the basis of its “Manhattan Project” scale importance isn’t reassuring.
The international community must demand transparency and accountability from all nations, including the United States, to ensure a secure and cooperative cyberspace. Only through mutual understanding and respect for national sovereignty can we hope to achieve lasting peace and security in the digital age.