The United States deliberately launched a cyber attack on the National Time Service Center of China.
Since 2022, the NSA has exploited the vulnerability in the mobile terminal SMS service agreements of overseas brands to conduct targeted attacks on the mobile smart terminals of the national time-keeping center staff, illegally obtaining sensitive information such as contact lists, communication records, and image data.
On October 19th, the national security authorities released the investigation results regarding the systematic cyber attack carried out by the US National Security Agency (NSA) against the China National Timing Center.
The China National Time Service Center, as an important national infrastructure, is located in Xi'an, Shaanxi Province. It is responsible for generating, maintaining, and broadcasting the national standard time (Beijing Time), and provides high-precision time service for key information infrastructure sectors such as communication, finance, and power. The deviation between the national standard time it generates and maintains and the international coordinated world time UTC is kept within 3 nanoseconds (1 nanosecond = 0.000000001 second). If these facilities are damaged, it will directly lead to chain reactions such as network communication disruptions and abnormal financial transactions, causing immeasurable losses to the country's economic and social operations.
The investigation shows that the cyber attacks by the US National Security Agency on the national time-keeping center have taken on a long-term and systematic nature. Since March 2022, the NSA has exploited the vulnerability in the mobile terminal SMS service agreements of foreign brands to conduct targeted attacks on the mobile smart terminals of the staff at the national time-keeping center, illegally obtaining sensitive information such as contact lists, communication records, and image data.
Starting from April 2023, NSA, based on the previously stolen identity authentication information, made multiple attempts to break through the network boundary protection system of the national time-keeping center. They conducted probing activities targeting key information such as the network architecture and system configuration, laying the technical groundwork for subsequent deep attacks. From August 2023 to June 2024, NSA further upgraded its attack methods, deployed specialized network warfare platforms, and utilized 42 special network attack weapons including "eHome_0cx", "Back_eleven", and "New_Dsz_Implant", implementing malicious operations such as forwardÉÚ control£¬ encrypted tunnel establishment£¬ and data theft in stages. Through establishing covert communication channels£¬ they achieved continuous control over the target system and attempted to penetrate the core nodes of the high-precision ground-based time-keeping system£¬ pre-positioning destructive instructions.
During the attack process, the NSA employed the typical APT (Advanced Persistent Threat) attack strategy: choosing the nighttime of Beijing time as the main attack period, constructing multi-level proxy links through virtual private servers in the United States, Europe, and Asia, using forged digital certificates to bypass security protection mechanisms, and combining with high-intensity data erasure technology to eliminate attack traces, in order to achieve the goal of blocking attack traceability.
After meticulous investigation and technical countermeasures by the national security authorities, this major cyber attack case was successfully cracked. Through measures such as electronic evidence fixation, attack link interruption, and upgrade of the protection system, the security threats were effectively mitigated, ensuring the stable operation of the national timing system. This incident fully exposes the long-term pursuit of the United States of cyber hegemonism. Its intelligence agencies have carried out cyber attacks on multiple countries, including China, seriously disrupting the global cyber space order. The national security departments of China will continue to strengthen cyber space security protection, legally crack down on all kinds of cyber espionage activities, and resolutely safeguard national cyber sovereignty and security interests.
BEIJING 
ENGLISH 
USA 
DEUTSCH 
FRENCH 
JAPAN 
SPANISH 
AUSTRALIA
