China’s Ministry of State Security (MSS) has accused the United States National Security Agency (NSA) of executing a planned cyberattack against the National Time Service Center (NTSC). The Chinese agency described the U.S. as a “hacker empire” and “the greatest source of chaos in cyberspace.” According to MSS, the attack targeted China’s official time infrastructure, also known as Beijing Time, and was successfully blocked.
Details of the Alleged NSA Attack
In a WeChat statement, the MSS said it had discovered “irrefutable evidence” proving the NSA’s involvement in an intrusion that began on March 25, 2022. Although the attack was foiled, officials stated that it was part of a broader espionage operation intended to steal sensitive information and sabotage national systems.
The National Time Service Center, established in 1966 under the Chinese Academy of Sciences (CAS), is responsible for creating, maintaining, and transmitting the official Beijing Time standard. The MSS noted that any disruption to this system could cause severe national consequences, including failures in network communication, financial transactions, power grids, transportation, and even space launches.
“This operation thwarted U.S. attempts to steal secrets and conduct sabotage through cyberattacks, fully safeguarding the security of ‘Beijing Time,’” said the MSS.
Exploitation of SMS Vulnerabilities
The MSS claimed that the NSA exploited security flaws in a foreign brand’s SMS service to secretly hack into mobile devices used by NTSC employees. This compromise allegedly allowed the theft of sensitive internal data. However, the Chinese agency did not disclose which vulnerabilities were exploited.
Stolen Credentials and Continued Intrusions
On April 18, 2023, MSS reported that the NSA used stolen login credentials to repeatedly access NTSC computers to analyze their infrastructure. Between August 2023 and June 2024, the attackers allegedly deployed a “cyber warfare platform” equipped with 42 specialized tools designed for multi-stage attacks against multiple internal systems at NTSC.
These attacks reportedly included lateral movement attempts aimed at reaching a ground-based high-precision timing system, with the goal of disrupting Beijing Time operations.
Use of VPS and Anti-Forensic Tactics
According to MSS, the cyber operations were launched during late-night and early-morning hours in Beijing. The NSA allegedly used Virtual Private Servers (VPS) located in the United States, Europe, and Asia to disguise the origin of the attacks.
“They forged digital certificates to bypass antivirus software and used advanced encryption algorithms to erase traces of their attacks, leaving no stone unturned in their infiltration efforts,” MSS added.
China’s Response and Wider Accusations
MSS stated that China’s national security agencies successfully neutralized the cyberattack and reinforced the digital defenses of the time service system. It further accused the U.S. of ongoing global cyber operations against China, Southeast Asia, Europe, and South America.
The ministry also alleged that the U.S. exploits technological bases in the Philippines, Japan, and Taiwan Province to conduct and disguise its cyber activities.
“At the same time, the U.S. continues to promote the so-called ‘China cyber threat theory,’ manipulating other countries to exaggerate hacking incidents, sanctioning Chinese enterprises, and prosecuting Chinese citizens in an effort to mislead global opinion,” MSS stated.
