China claims it caught US attempting cyberattack on national time center

Editor's note: This article was updated at 2:45 p.m. EST with comment from an NSA official. 

Chinese authorities accused the U.S. on Sunday of compromising the National Time Service Center (NTSC), a research institute responsible for providing timekeeping services in China for national security applications. 

It is the latest allegation in a series of what Western commentators see as attempts by Beijing to deflect Western criticisms of its own cyber operations. It follows a joint advisory issued in August by intelligence and cybersecurity agencies across more than a dozen allied countries blaming three Chinese technology companies for cyber-espionage campaigns targeting global critical infrastructure.

China’s Ministry of State Security (MSS) said it had obtained “ironclad evidence” that the National Security Agency had attempted to “steal state secrets and conduct cyber espionage” against the national time center, as reported by state-controlled newspaper the Global Times. The NTSC is functionally equivalent to the U.S. Naval Observatory.

China's national computer emergency response team published a technical analysis of the incident. Unlike the hacking activities detailed in the August joint advisory, the MSS claim is not supported by statements from China’s allies or by private sector reporting. 

"NSA does not confirm nor deny allegations in the media regarding its operations," an agency official said. "Our core focus is countering foreign malign activities persistently targeting American interests, and we will continue to defend against adversaries wishing to threaten us."

The MSS described the U.S. campaign as attempting to preposition within the NTSC’s Accurate Ground-based Time Service System (AGTSS) — essentially a terrestrial backup to China’s national GPS — to “disable and sabotage the system.”

The Global Times reported that an investigation into the compromise by China’s national computer emergency response team found the NSA demonstrating both “advanced cyberattack capabilities” alongside “a lack of genuine innovation.”

It stressed: “The state security authorities of China responded effectively at every stage, securing evidence of the US cyberattacks, guiding the National Time Service Center's investigation and remediation, cutting off the attack chains, upgrading defenses, and eliminating potential security risks.”

War of words

Although the MSS described the U.S. as “repeatedly trampling on international norms governing cyberspace,” the activity it described — the specific targeting of a service with military applications — would not necessarily be considered a breach of non-binding cyber norms agreed to at the United Nations.

China’s statements may be designed to deflect from criticisms that its own apparatus is in breach of those norms. The criticisms include the attempted repression of pro-democracy dissidents and critics, as well as the targeting of purely civilian infrastructure in the West.

Back in September 2022, China denounced the U.S. Embassy in Beijing following a joint report from two of the country’s most prominent cyber authorities accusing the NSA of stealing “sensitive information” from Chinese institutions.

The Northwestern Polytechnical University, which the NSA was at that time accused of targeting, is considered to be “a Chinese military university that is heavily involved in military research,” according to the U.S. Department of Justice — and thus likely to be seen as a legitimate target for espionage under international law.

In July 2023, Chinese officials also accused the U.S. of hacking earthquake monitoring equipment. The officials’ statements describing the alleged hack as a violation of international law and the data as being of legitimate intelligence value — for instance in detecting subsurface nuclear testing — appear to be inconsistent.

Typically, espionage related to military capabilities is not considered to be a violation of international law, though there is some ambiguity around the interpretation of the UN Charter on the matter. The U.S. explicitly considers espionage a legitimate part of statecraft. It avows the existence of its intelligence agencies and has legislation governing their operations domestically and abroad., although domestic laws allow for the prosecution of spies as a criminal matter.

Beijing does not publicly avow engaging in foreign espionage activities. The country has been criticized in the West for what are perceived to be the overly-broad powers afforded to its security apparatus, and for what is believed to be the state support for cyber operations compromising intellectual property for Chinese companies’ commercial advantage.

Correction: A previous version of this article said Chinese authorities had not provided evidence of a cyberattack affecting the National Time Service Center. China's computer emergency response team published a technical analysis of the incident.