Chinese officials have publicly accused the United States National Security Agency (NSA) of conducting sophisticated cyber intrusions aimed at critical Chinese industries during the 2024 Asian Winter Games. Authorities in Harbin, a city in northeastern China’s Heilongjiang Province, announced on Tuesday that three individuals allegedly linked to the NSA had been placed on a national wanted list for their roles in orchestrating these cyberattacks.
According to Chinese state media, these individuals—identified as Katheryn A. Wilson, Robert J. Snelling, and Stephen W. Johnson—allegedly played key roles in a broader effort to undermine China’s cybersecurity landscape. Investigators also claimed that two prominent U.S. academic institutions—the University of California and Virginia Tech—may have been complicit in the scheme. However, Chinese authorities did not disclose the specific nature of their involvement.
The report, published by the Xinhua news agency, accused the three NSA agents of executing repeated attacks against China’s digital infrastructure. Among the primary targets were major Chinese technology companies, including Huawei, as well as essential state-run facilities across energy, telecommunications, and defense research sectors. These cyber intrusions reportedly focused on compromising sensitive national systems and stealing confidential data that could potentially be used to destabilize the country.
Beijing Claims Attacks Were Timed With High-Profile Winter Event
The alleged cyber operation, according to Chinese authorities, coincided with the Asian Winter Games held in February 2024. Investigators believe the NSA’s intent was to disrupt China’s information systems and compromise the smooth execution of the Games. The timing, they argue, was strategic—aligned with major sporting events to maximize visibility and impact.
Xinhua reported that the cyberattacks peaked on February 3, during the first ice hockey match of the tournament. Authorities said attackers specifically targeted key systems such as the event’s registration portal, which contained critical personal and logistical data of athletes, officials, and support staff. The operation was allegedly designed to extract sensitive information related to event personnel while also gaining access to broader Chinese networks.
In addition to targeting the Asian Winter Games’ databases, the cyber intrusions allegedly extended to essential service sectors in Heilongjiang Province. These included national defense research centers, water utilities, energy systems, communication grids, and transportation networks. The public security bureau in Harbin stated that the attacks were intended to “sabotage China’s critical information infrastructure, create social instability, and exfiltrate highly sensitive intelligence.”
U.S. Embassies Remain Silent as China Demands Accountability
Despite the serious nature of the accusations, the U.S. Embassy in Beijing has so far declined to respond to China’s formal request for comment. Meanwhile, China’s Ministry of Foreign Affairs confirmed that it had raised the issue directly with American officials through diplomatic channels.
Speaking at a regular press conference, ministry spokesperson Lin Jian urged Washington to take a more responsible approach to cybersecurity and halt what he described as “unprovoked and baseless attacks” on China’s digital sovereignty. Lin also accused the United States of engaging in double standards by consistently portraying China as the aggressor in global cyber disputes while allegedly conducting offensive cyber operations of its own.
This incident marks a further deterioration in U.S.-China relations, which have already reached a boiling point due to escalating trade disputes, technology restrictions, and travel advisories. The Chinese government views the cyberattacks as part of a broader campaign by Washington to undermine Beijing’s economic and technological advancement.
China Details Tactics Allegedly Used by NSA Operatives
Xinhua’s report offered granular detail on how the NSA allegedly conducted its cyber offensive. The operations reportedly made use of pre-installed backdoors embedded within Microsoft’s Windows operating systems, which allowed the attackers to activate malicious code without detection on targeted devices.
To obscure the origin of the attacks, the NSA operatives allegedly purchased IP addresses in multiple countries and rented anonymous network servers across both Europe and Asia. This effort to decentralize and disguise the attack footprint, Chinese officials argue, demonstrated a high degree of planning and technical proficiency.
Xinhua also claimed that the attackers used the compromised systems to harvest personal data from foreign athletes participating in the Winter Games. The attacks, according to Chinese authorities, were not isolated incidents but part of a sustained espionage campaign that had broader strategic implications for national security.
In addition to targeting government and event-related infrastructure, the NSA allegedly mounted cyber offensives against leading Chinese tech firms such as Huawei, aiming to extract proprietary data and weaken China’s competitive edge in the global tech arena.
China Counters Years of Western Accusations With New Cyber Claims
The latest accusations come amid a shift in global cybersecurity narratives. For years, Western governments—particularly the United States—have accused Chinese-backed hackers of penetrating foreign governments, corporations, and critical infrastructure. In response, Beijing has now begun releasing its own findings, alleging that American intelligence agencies have long engaged in similar operations against Chinese entities.
Just last month, the U.S. Department of Justice announced multiple indictments against alleged Chinese hackers. These individuals reportedly targeted sensitive American institutions, including the Defense Intelligence Agency, Department of Commerce, and several foreign ministries across Asia. China, in turn, denied all involvement and accused Washington of spreading disinformation to justify its own cyber programs.
In December 2024, Chinese officials also claimed that American agents conducted at least two cyber intrusions on domestic tech companies between May and December. Those attacks, they said, were part of efforts to steal trade secrets. However, they declined to identify the agencies involved at that time.
Now, by naming individuals and institutions tied to the NSA, China appears to be taking a more assertive stance. The allegations serve both a diplomatic and strategic purpose—highlighting China’s grievances while also reinforcing its call for a more balanced global conversation on cyber conduct and digital ethics.
Conclusion: Cyber Clashes Reflect Deeper Strategic Rivalry
This latest round of accusations marks yet another flashpoint in the ongoing geopolitical rivalry between China and the United States. With both countries now openly accusing each other of cyber warfare, the battle has expanded far beyond trade disputes and military posturing. It now encompasses digital infrastructure, data sovereignty, and control over emerging technologies.
Beijing’s decision to publicly expose alleged NSA operatives and demand accountability marks a bold escalation. Whether this leads to retaliatory measures, increased diplomatic friction, or further cyber skirmishes remains to be seen. However, it is clear that the digital battleground has become a central front in the 21st-century struggle for global influence.
Let me know if you’d like a version focusing on international security implications, tech espionage risks, or diplomatic fallout.
