China names alleged US snoops over Asian Winter Games attacks

April 15, 2025 TH Author

China’s state-run press has taken its turn in trying to highlight alleged foreign cyber offensives, accusing the US National Security Agency of targeting the 2025 Asian Winter Games.

The US Department of Justice does a good job of updating the Western world on all the alleged Chinese cyberattacks against its critical infrastructure, and the Harbin city police has now named three NSA agents supposedly involved in the digital assault.

Via Weibo, Harbin police accused Katheryn A. Wilson, Robert J. Snelling, and Stephen W. Johnson of attacks against the Winter Games’ event information system and key information infrastructure in Heilongjiang province, where Harbin is located.

All three are allegedly members of the NSA’s Tailored Access Operations (TAO) offensive cyber unit and a bounty was issued for information that could lead to their arrest. The rewards associated with that bounty were not disclosed.

According to information published by state-run media outlet China Daily, the TAO targeted systems were used for registration, timekeeping, and competition entry at the Games – all of which store “vast amounts of sensitive personal data.” It also stated the TAO appeared to be trying to implant backdoors.

The publication went on to say the NSA used multiple front organizations to purchase servers in Europe and Asia to conceal its tracks and acquire the tools used to breach Chinese systems. The description of events is notably similar to that of the US, UK, or other Western countries when detailing attacks from China, Russia, North Korea, and Iran.

A joint report [PDF] from China’s computer emergency response centers (CERTs) earlier this month stated that more than 270,000 attacks on the Asian Winter Games were detected, 170,000 of which were allegedly launched by the US. The others were allegedly carried out by Singapore, the Netherlands, Germany, and South Korea.

The attacks were characterized as attempted vulnerability exploits – mainly arbitrary file read and SQL injections – port scanning, and network snooping.

The report reads: “The situation above shows that during the hosting of large-scale international sports events in China, foreign hostile forces spare no effort to destroy and interfere with the normal operation of the sports events through cyber attacks, and even try to create chaos and steal sensitive information by attacking critical network infrastructure in China.

“We strongly condemn such malicious cyberattacks against international civilian exchange activities, and we will submit the details and artifacts of these attacks to the public security sector.”

China further accused the US of attacks on energy, transportation, water resources, telecommunications, and defense research institutions located in Heilongjiang province.

The TAO is a well-known special forces group within the NSA, staffed by talented offensive cybersecurity professionals who are ostensibly tasked with running intelligence-gathering operations. Much of its work is highly classified, as are the identities of those involved.

China Daily went on to say that China’s “technical teams” claimed to have found evidence that the University of California and Virginia Tech were involved in the attacks on the Games.

The Register asked the NSA for comment; it confirmed it was considering a response. Neither university immediately replied.

We don’t tend to often hear about offensive cyberattacks stemming from the West, though it’s not unheard of either.

In September 2023, China accused the US of hacking Huawei as early as 2009, along with other attacks.

The Ministry of State Security declared over WeChat at the time that US intelligence “began to invade servers at Huawei headquarters and continued to monitor them”. China’s CERT later accused the TAO of trying to implant Second Date – an allegedly proprietary spyware – during an incident at Northwestern Polytechnical University.

Notably, both these news stories coming from China and the one regarding the Asian Winter Games followed tumultuous geopolitical events.

September 2023’s comment came months after it emerged that Huawei’s profits had halved following aggressive US sanctions placed on the Chinese tech giant over fears about potential harms to national security.

Today’s accusations follow weeks of tumultuous tariff-related feuds between Washington and Beijing.

President Trump’s ambition to aggressively tariff China and other nations it believes benefit from trade imbalances with the US has seen frequent revisions to the plans and retaliations from China.

The situation has led to substantial confusion for investors, the general public, and in all areas of business and government. ®