Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

US Says Chinese Military Behind Vast Aerial Spy Program

China’s spy balloon that crossed the US could collect intelligence signals and was part of a multi-national, military-linked aerial spy program, the Biden administration said.

China’s balloon that crossed the United States was equipped to collect intelligence signals and was part of a huge, military-linked aerial spy program that targeted more than 40 countries, the Biden administration said Thursday, outlining the scope and capabilities of the huge balloon that captivated the country’s attention before being shot down.

The fleet of balloons operates under the direction of the People’s Liberation Army and is used specifically for spying, outfitted with high-tech equipment designed to collect sensitive information from targets across the globe, the U.S. said. Similar balloons have floated over five continents, it U.S. said.

The statement from a senior State Department official offered the most detail to date linking China’s military to the balloon that traversed the U.S. before being shot down last Saturday over the Atlantic Ocean. The public details are meant to refute China’s persistent denials that the balloon was used for spying, including a claim Thursday that U.S. accusations about the balloon amount to “information warfare” against Beijing.

In Beijing, before the U.S. offered new information, Chinese Foreign Ministry spokesperson Mao Ning repeated her nation’s insistence that the large unmanned balloon was a civilian meteorological airship that had blown off course and that the U.S. had “overreacted” by shooting it down.

“It is irresponsible,” Mao said. The latest accusations, he said, “may be part of the U.S. side’s information warfare against China.”

China’s defense minister refused to take a phone call from Defense Secretary Lloyd Austin to discuss the balloon issue on Saturday, the Pentagon said. China has not answered questions as to what government department or company the balloon belonged to, or how it planned to follow up on a pledge to take further action over the matter.

The U.S. offered a flatly contradictory characterization of the balloon and its purpose. It said imagery of the balloon collected by American U-2 spy planes as it crossed the country showed that it was “capable of conducting signals intelligence collection” with multiple antennas and other equipment designed to upload sensitive information and solar panels to power them.

The official said an analysis of the balloon debris was “inconsistent” with China’s explanation that it was a weather balloon that went off course. The U.S. is reaching out to countries that have also been targeted, the official said, to discuss the scope of the Chinese surveillance program, and is looking into potential action that “supported the balloon’s incursion into U.S. airspace.”

The official provided details to reporters by email on condition of anonymity due to the sensitive nature of the matter, which had already forced the cancellation of a planned visit to China earlier this week by Secretary of State Antony Blinken.

The official said the U.S. has confidence that the manufacturer of the balloon shot down on Saturday has “a direct relationship with China’s military and is an approved vendor of the” army. The official cited information from an official PLA procurement portal as evidence for the connection between the company and the military.

This is not the first time the U.S. government has publicly called out alleged activities of the People’s Liberation Army. In a first-of-its-kind prosecution in 2014, the Obama administration Justice Department indicted five accused PLA hackers of breaking into the computer networks of major American corporations in an effort to steal trade secrets.

Alleged hackers with the PLA were also charged in 2020 with stealing the personal data of tens of millions of Americans in a breach of the credit-reporting agency Equifax.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Nation-State

The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Cyberwarfare

Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona

Cyberwarfare

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Cyberwarfare

Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cyberwarfare

A newly identified threat actor tracked as NewsPenguin has been targeting military organizations in Pakistan with sophisticated malware.