Recently, tensions have escalated between China and the United States over a major cybersecurity dispute. It all began when the U.S. and its allies claimed they had evidence of a Chinese state-sponsored hacking group, referred to as “Volt Typhoon,” infiltrating U.S. critical infrastructure.
Introduction of Volt Typhoon Allegations
These claims were made public in May 2023, when the Five Eyes nations — the U.S., the UK, Australia, Canada, and New Zealand — issued a joint advisory warning of the dangers posed by this group.
Volt Typhoon was accused of installing surveillance malware in critical systems on the U.S. island of Guam, among other regions. According to reports, the group had allegedly accessed these systems for over five years. The U.S. claimed that Volt Typhoon had been gathering intelligence for potential cyberattacks, which could be unleashed during times of geopolitical tension.
Cyber Attacks on Power Grids: Alarming Risk of Cascading Failures
China’s Response: False Narrative and CIA Involvement
China, however, has vigorously denied these allegations. In October 2024, China’s National Computer Virus Emergency Response Center released a comprehensive report, dismissing the U.S.’s accusations as part of a “political farce.” This report, backed by cybersecurity experts from various regions, claimed there was no concrete evidence to support the U.S.’s allegations. China accused the U.S. of fabricating the story of Volt Typhoon to manipulate global opinion and justify their own cyber espionage activities.
Interestingly, China’s report went further by claiming that the Volt Typhoon narrative was a diversion. They argued that the real cyber threat comes from the U.S., which allegedly uses cyber warfare tools like “Marble” to frame other nations, including China and Russia. By inserting code strings in Chinese or Russian languages, the U.S. could make it seem as though cyberattacks originated from these countries, thus distorting the global cybersecurity landscape.
US Silence and Growing Global Attention
Despite the serious accusations made by China, the U.S. has remained silent on the matter. As of now, neither U.S. government agencies nor Microsoft (which played a key role in the original Volt Typhoon allegations) have responded to requests for comment from the Chinese media. Analysts note that this silence could be due to the strength of the evidence presented by China’s cybersecurity agencies.
Since the release of China’s report, over 50 cybersecurity experts from across the world have come forward to express concerns about the lack of evidence linking Volt Typhoon to China. Many of these experts agree that the U.S. government and Microsoft have used these claims as a means to secure more funding and expand their control over global digital infrastructures.
China’s decision to release the report in multiple languages — including English, French, German, and Japanese — is a clear attempt to challenge the Western narrative and present its side of the story to a broader audience. By doing so, China hopes to break through what they describe as an “information cocoon” that keeps many Western citizens misinformed about international cybersecurity issues.
In this ongoing cyberwar of narratives, it remains to be seen how the global community will respond to the latest revelations about Volt Typhoon. As both sides continue to build their cases, the stakes in the cybersecurity battlefield are higher than ever.
