Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Benedict Collins

Volt Typhoon is actually a CIA asset, China claims

China.

Volt Typhoon has hit the headlines recently as a prolific cybercrime organization pursued by US authorities for its involvement in numerous attacks.

The Cybersecurity and Infrastructure Security Agency (CISA), alongside the National Security Agency (NSA), Federal Bureau of Investigation (FBI) and even the Five Eyes intelligence agency have frequently blamed the group for lurking on and attacking US critical infrastructure.

However, China has again doubled down on the claim that the group thought to be a Chinese state-sponsored is actually a US asset used to discredit its rival across the Pacific.

Lie to Me: Volt Typhoon III

China’s latest claim was released by China’s National Computer Virus Emergency Response Center (CVERC), as part of a document published in five languages titled, “Lie to Me: Volt Typhoon III – Unravelling Cyberespionage and Disinformation Operations Conducted by US Government Agencies.”

China released a similar document in July 2024, titled “Volt Typhoon II – Exposing the disinformation campaign of US government agencies against the US Congress and taxpayers,” which claimed that US authorities exercised “warrantless snooping powers on all people over the world including Americans via FISA Section 702, so that the U.S. government agencies could eliminate the foreign competitors and defend the cyber hegemony and long-term interests of monopolies.”

The document asserts that China consulted over 50 cybersecurity experts, who collectively determined both the US and Microsoft do not have enough evidence to implicate China’s involvement with Volt Typhoon. However, the names of the experts are not included in the document.

The document also outlines a number of secret US surveillance capabilities unearthed by whistleblowers, such as the NSA Office of Tailored Access Operation program and the PRISM data collection program, which suspiciously share similarities with Volt Typhoon capabilities, CVERC claims. Both were exposed by former NSA intelligence contractor Edward Snowden in 2013.

CVERC also suggests that the CIA Marble framework - used to obfuscate cyber tools and exposed by Wikileaks in 2017 - is also a part of Volt Typhoon’s playbook. The document also states that the terms used by western intelligence agencies to identify Chinese cyber criminal organizations use “obvious geopolitical overtones for hacker groups, such as 'typhoon', 'panda', and 'dragon' instead of 'Anglo-Saxon' 'hurricane', and 'koala'.”

The Register points out that Orientalism may exacerbate political tensions, but the authors may need to do some research into the origins of the word 'koala'.

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.