CHINA TRACES ‘VOLT TYPHOON’ BACK TO US INTELLIGENCE

‘False flag’ ops seek to get more funding, intensify domestic and global surveillance

On Oct 21, 2024

China's Computer Virus Emergency Response Center (CVERC), announced that it found proof tracing back the cybercriminal hacker's group, 'Volt Typhoon' to the United States intelligence community, conducting false flag operations against China to get more funding from the United States Congress and intensify the US' global espionage operations in cyberspace.

A JOINT report by respected cyber offices in China has traced the source of the so-called ‘Volt Typhoon,’ a “cybercriminal hacker’s group” backed to the intelligence and investigative units of the United States under the supervision of the National Security Agency.

The report, ‘Volt Typhoon III: A Cyber Espionage and Disinformation Campaign conducted by US Government Agencies,’ released by the National Computer Virus Emergency Response Center (CVERC) and the National Engineering Laboratory for Computer Virus Prevention Technology (NELCVPT) last October 14, 2024, concluded that Volt Typhoon is “just one of many operations initiated by the US intelligence agency” (NSA) against China.

The official logo of the National Security Agency of the United States, tagged by Chinese authorities as behind the existence and operation of Volt Typhoon, a cybercriminal hacker’s group.

“Hackers from United States cyber forces and intelligence agencies disguise themselves like ‘chameleons’ in cyberspace by posing as other countries to conduct global cyberattacks and espionage operations, while also pouring dirty water on non-US allies like China,” commented China Daily on the same day the report was released.

Microsoft involvement

In order to hide the NSA’s role as the puppeteer, the issue of Volt Typhoon’s alleged existence was first raised by Microsoft, an American global tech company long known to have been compromised and working closely with the US national security establishment, along with Meta (Facebook) and Google.

In a statement on May 23, 2023, Microsoft’s ‘Threat Intelligence’ unit, claimed it has “uncovered” Volt Typhoon, a “state-sponsored threat actor” (China) whose aim is “focused on post-compromise credential access and network system discovery aimed at critical infrastructure organizations in the United States.”

Aside from the US mainland, Microsoft claimed it traced Volt Typhoon operations in the island of Guam, a US military base in the North Pacific. The company claimed China has been operating Volt Typhoon since “mid 2021.”

“Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises.

“Microsoft is choosing to highlight this Volt Typhoon activity at this time because of our significant concern around the potential for further impact to our customers,” the company said as it doubled down on the lies and deception regarding the real origin of Volt Typhoon.

Adding to its anti-China campaign, Microsoft, in another advisory last January 25, 2024, added:

“The actor that Microsoft tracks as Volt Typhoon is a nation-state activity group based out of China.

“Volt Typhoon is known to primarily target the United States and the manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. Volt Typhoon focuses on espionage, data theft, and credential access,” Microsoft claimed.

The disinformation campaign gained further credence after Volt Typhoon was “vetted” by the so-called ‘Five Eyes’ comprising the intelligence agencies of the United States, Canada, United Kingdom, New Zealand, and Australia.

In a so-called ‘Cyber Security Advisory (CSA) on May 24, 2023, the group branded their own created cybercriminal group as an “advanced persistent threat group.” Curiously, their advisory came just a day after Microsoft’s announcement.

What the CEVRC discovered

Internal investigations conducted by Chinese authorities, however, revealed a different picture.

The cover page of the October 14, 2024 of CVERC that concluded ‘Volt Typhoon’ is a “false flag” operation of the United States against China.

In a report on April 15, 2024, CVERC, along with the (NELCVPT) and the ‘360 Digital Security Group’ concluded that Volt Typhoon is nothing less than “a conspiratorial swindling campaign which intended to ‘kill two birds with one stone’ by hyping the ‘China threat theory’ and cheating money from the U.S. congress and taxpayers” (Volt Typhoon： A Conspiratorial Swindling Campaign targets with U.S. Congress and Taxpayers conducted by U.S. Intelligence Community).

A follow-up report by the group on July 8, 2024, also concluded that the Volt Typhoon phantom is a “collusive fraud operation” by US intelligence agencies (“Volt Typhoon” – a collusive fraud operation by United States intelligence agencies against the United States Congress and taxpayers).

Not surprisingly, the CVERC noted that after the release of the first 2 reports, they were met with deafening silence from Microsoft, the US intelligence agencies and the Five Eyes.

“After the release of the reports, the lie makers, the U.S. Agency for Global Media, and the mainstream media in the U.S. and the West under their control remained silent as always.”

However, it added that after the reports got the attention of the global community, “more than 50 cybersecurity experts from the U.S., Europe, Asia and other countries and regions contacted CVERC via various means.”

They believed that the U.S. and Microsoft lacked effective evidence to associate Volt Typhoon with China and expressed concern about the U.S. false narrative of Volt Typhoon,” CVERC said.

The agency also warned the global community of being wary of US “false flag operations” as it accused the United States of being a “robber acting like a cop or an ostrich burying its head in the sand” (next: the US “Marble tool kit” used for cyberespionage and sabotage).