China admits to cyberattacks on the US during secret talks

In December 2024, a covert meeting in Geneva brought together senior officials from China and the United States, marking a pivotal moment in the escalating cyber conflict between the two nations. This clandestine exchange, shrouded in secrecy, has since become a focal point for discussions on cybersecurity and the geopolitical tensions surrounding Taiwan. 

Sources familiar with the talks revealed that, a high-ranking cyber official from China’s Ministry of Foreign Affairs, made remarks that hinted at Beijing’s involvement in a series of cyberattacks targeting critical U.S. infrastructure. These comments, interpreted as a veiled threat, underscored the growing nexus between cyber warfare and international diplomacy.

The meeting, first reported by the Wall Street Journal, was chaired by Nate Fick, the Biden administration’s special envoy for cyber and digital policy. Over a dozen representatives from both nations attended, including senior U.S. officials from the State Department, National Security Council, Pentagon, and intelligence agencies. While Chinese representatives stopped short of explicitly admitting to state-sponsored hacking, their statements were perceived as an acknowledgment of Beijing’s role in cyber operations. This tacit admission has heightened concerns about the potential for cyberattacks to escalate into broader conflicts, particularly over Taiwan.

At the heart of the discussions was “Volt Typhoon,” a sophisticated hacking operation that has been under U.S. surveillance since 2023. This campaign targeted civilian infrastructure, including ports, water systems, airports, and power grids, raising alarms about its potential to disrupt logistics and communications in the event of a Taiwan conflict. Unlike previous instances where China attributed such attacks to rogue criminal groups, officials at the Geneva meeting framed these operations as countermeasures against U.S. military aid to Taiwan. This shift in narrative signals a deliberate escalation in China’s cyber strategy, aligning it with broader geopolitical objectives.

Adding to the complexity of the situation was the revelation of another Chinese cyber campaign, dubbed “Salt Typhoon.” This operation infiltrated major U.S. telecommunications providers, such as AT&T and Verizon, enabling eavesdropping on calls and texts of senior U.S. officials and politicians. The breadth and depth of these campaigns highlight China’s ambitions in the cyber domain, as well as its capacity to exploit vulnerabilities in critical infrastructure.

The implications of these revelations are far-reaching. The incoming Trump administration has reportedly prioritized bolstering U.S. cyber defenses, considering measures such as expanding military cyber operations and reevaluating federal cybersecurity frameworks. The State Department, while declining to comment directly on the Geneva meeting, issued a statement reaffirming its stance against China’s cyber activities. “We have made clear to the People’s Republic of China that we will take steps to counter their malicious cyber operations,” the statement read, emphasizing the severity of the threat to U.S. national security.

China, for its part, has dismissed these allegations as baseless. The Chinese embassy in Washington accused the U.S. of fabricating claims to smear Beijing, labelling reports of cyberattacks as misinformation. This denial, however, does little to assuage concerns about the growing cyber capabilities of the Chinese state. Experts like Dakota Kerry, a cybersecurity analyst at SentinelOne, have noted that any tacit approval of such attacks likely comes with the endorsement of Chinese President Xi Jinping. Kerry suggests that Beijing views Taiwan as the most probable flashpoint for a future U.S.-China conflict, using cyberattacks as a strategic deterrent to warn Washington against deeper involvement.

The Geneva meeting serves as a stark reminder of the intertwined nature of cybersecurity and international relations. As the U.S. and China navigate this high-stakes rivalry, the threat of cyberattacks looms large, challenging the resilience of critical infrastructure and testing diplomatic resolve. The U.S. faces the urgent task of fortifying its defences while signalling that China’s cyber aggression will not go unanswered.

Data underscores the gravity of the situation. According to a 2023 report by the Center for Strategic and International Studies (CSIS), cyberattacks on critical infrastructure have increased by 40% over the past five years, with state-sponsored actors accounting for a significant portion of these incidents. The report also highlights the economic impact of such attacks, estimating global losses at over $1 trillion annually. In the context of U.S.-China relations, these figures underscore the stakes involved in addressing cyber threats.

Moreover, the geopolitical implications of these cyber campaigns cannot be overstated. Taiwan, a self-governing island that Beijing considers a breakaway province, remains a central fault line in U.S.-China relations. The U.S. has long supported Taiwan through arms sales and diplomatic engagement, a stance that Beijing views as a direct challenge to its sovereignty. Cyberattacks, therefore, serve as a tool for China to assert its position while avoiding direct military confrontation.

As both nations grapple with these challenges, the need for robust cybersecurity measures becomes increasingly evident. For the U.S., this means not only enhancing its defensive capabilities but also fostering international cooperation to address the global nature of cyber threats. Initiatives such as the Cybersecurity and Infrastructure Security Agency’s (CISA) efforts to strengthen public-private partnerships are steps in the right direction. However, the evolving nature of cyber warfare demands continuous adaptation and innovation.

In conclusion, the Geneva talks highlight the precarious balance between diplomacy and deterrence in the realm of cybersecurity. As the U.S. and China continue to vie for influence, the stakes extend beyond the digital domain, encompassing economic stability, national security, and the broader international order. The revelations from these discussions serve as a wake-up call, underscoring the urgent need for vigilance and resilience in the face of an increasingly complex and interconnected world.