China has accused the United States of carrying out a years-long cyberespionage campaign against its National Time Service Center, warning that the breaches could have jeopardized critical systems, including communications, finance, and the country’s power grid.

In a statement released Sunday on its official WeChat account, China’s Ministry of State Security said the US National Security Agency (NSA) had conducted repeated cyberattacks on the center, which operates under the Chinese Academy of Sciences and is responsible for maintaining and broadcasting the nation’s standard time.

According to the ministry, investigators traced the attacks back to 2022, when US operatives allegedly stole data and credentials that were later used to infiltrate staff mobile devices and internal network systems. The ministry claimed that the NSA had “exploited a vulnerability” in the messaging service of an unnamed foreign smartphone brand to access employees’ devices.

Serious risk to Chinese infrastructure 

Related News

Netanyahu reveals details on Sayyed Nasrallah strike, pagers attack

Hamas rejects US accusations of ceasefire violations in Gaza

The statement added that the United States attempted to compromise the center’s high-precision, ground-based timing system between 2023 and 2024, posing a serious risk to the nation’s infrastructure. “If successful, the intrusion could have disrupted communication networks, financial transactions, power distribution, and even the international standard time,” the ministry warned.

In recent years, both China and the United States have accused each other of large-scale hacking operations targeting government institutions, research centers, and critical industries.

The ministry’s statement also comes as tensions intensify over trade and technology. Beijing recently expanded its export controls on rare earth minerals vital to the US defense and tech industries, while Washington has threatened to impose higher tariffs on Chinese goods amid an ongoing economic standoff.

2022 attacks

Back in September 2022, China’s National Computer Virus Emergency Response Center, and internet security company 360,  formed a joint technical team to conduct a comprehensive technical analysis of the case and investigate the attack.

After collecting multiple trojan samples from internet terminals of Northwestern Polytechnical University, with the support of European and South Asian partners, the team initially diagnosed that the cyberattack was conducted by the Tailored Access Operations (TAO) (Code S32) under the Data Reconnaissance Bureau (Code S3) of the Information Department (Code S) of the US’ NSA (National Security Agency). 

TAO, founded in 1998, is the largest and most significant part of the intelligence division of the NSA and its main responsibility is to secretly access the insider information of its competitors through the internet, invade target countries' classified information infrastructure to steal account codes, break computer security systems, monitor network traffic, invade privacy and steal sensitive data such as access to phone calls, emails, network communications, and messages.