China Uncovers NSA Cyberattacks Targeting National Time Center

China has recently revealed evidence of cyberattacks linked to the United States National Security Agency (NSA), targeting China’s National Time Service Center in Xi’an. This critical agency manages the production, maintenance, and broadcast of “Beijing Time,” which underpins the country’s communications, finance, energy, transport, surveying, defense, and other major sectors. The Center’s role includes supplying vital data used for calculating international standard time and operates world-leading measurement and timing systems as part of China’s national scientific infrastructure.

According to the Ministry of State Security, the NSA’s cyber operations began in March 2022, using security vulnerabilities in certain overseas smartphone messaging services to infiltrate the mobile devices of key personnel at the Center. The attackers extracted sensitive stored information, compromising confidential data. From April 2023, the NSA actors reportedly leveraged stolen login credentials to access the Center’s computers, gaining intelligence on internal systems and networks.

Between August 2023 and June 2024, the attackers escalated their operations, deploying various specialized cyberweapons to launch intense attacks against multiple internal networks at the Time Service Center. During this period, 42 new forms of cyber tools and tactics were reportedly used in attempts to penetrate deeper into high-precision infrastructure, with the intention of installing disruptive capabilities. The cyberattacks mostly occurred during late-night hours in China and made use of global servers to disguise their origin, including infrastructure based in the US, Europe, and Asia. Techniques employed included the use of fake digital certificates to evade antivirus protections and advanced encryption methods to erase traces of intrusion.

The authorities warn that attacks against such pivotal facilities could disrupt the stability of Beijing Time, potentially causing problems with digital communications, chaos in the financial system, outages in electricity networks, failures in transport operations, and even complications in aerospace missions. A collapse in the operation of these timing systems could also create international timing confusion with wide-reaching impacts.

China’s security agencies claim to have responded by gathering evidence, instructing the Time Service Center in mitigation and cleanup activities, severing attack vectors, and upgrading protective measures to eliminate risks. They frame the discovery as part of ongoing efforts to protect national security infrastructure from espionage and sabotage, noting the recurring pattern of global cyber intrusions alleged to originate from US intelligence agencies. Chinese authorities call for increased vigilance across essential infrastructure operators and urge public and organizational cooperation in reporting suspected espionage.