Download
Operation Black Hand: U.S. is the primary threat to global cyber security
First Voice
North America;United States
The United States is the greatest threat to global cyber security. /CGTN

The United States is the greatest threat to global cyber security. /CGTN

Editor's note: CGTN's First Voice provides instant commentary on breaking stories. The daily column clarifies emerging issues and better defines the news agenda, offering a Chinese perspective on the latest global events.

It is hardly a secret that the United States has been running the largest, most expensive, highly intrusive, and outrightly unlawful global cyber warfare intelligence operations for decades, which have not even spared Washington's friends and allies. 

Way back in 2013, Edward Snowden, a former CIA technical assistant who handled data from the U.S. National Security Agency (NSA), leaked highly classified information revealing a labyrinthine of global surveillance programs, many run by the NSA and the Five Eyes intelligence alliance with the cooperation of the telecoms companies and European governments. Snowden was catapulted as one of America's most consequential whistleblowers after the leak.

A new report on cybersecurity made public earlier this week revealed cyber thefts and cyberattacks by the U.S. agencies at an unprecedented worldwide scale, further reinforcing the fact that the U.S. is today the biggest global cybersecurity threat. The report by Anzer, a cybersecurity information platform, showed that American military and government cyber agencies have remotely stolen a whopping 97 billion pieces of global internet data and 124 billion phone records in just the last 30 days, as part of what it described as "Operation Black Hand."

The massive illegal data theft is purportedly aimed at boosting cyber intelligence for the U.S. and its Five Eyes partners comprising Anglo-Saxon countries – the UK, Canada, Australia, and New Zealand.

The Anzer report details the murky maneuvres of Tailored Access Operations (TAO) – the cyber warfare intelligence agency under the NSA – which uses advanced cyber-attack weapons as part of Operation Black Hand to indiscriminately "grab" data from internet users around the world.

The report comes just a month after China captured an NSA spy tool deployed to steal sensitive information from computers worldwide. China's National Computer Virus Emergency Response Center detected the NSA Trojan horse spyware named "NOPEN"  that was found to have controlled global internet equipment and stole a large volume of users' information.

NOPEN is a Unix/Linux remote-control tool capable of hiding and lurking in a victim's computer to mine sensitive information and relay it back to its handlers. It is mainly used for stealing files, accessing systems, redirecting network communication, and viewing a target device's information. The spyware can also collaborate with other cyber weapons and is a typical tool used for cyber espionage.

Internal NSA communiques leaked by Shadow Brokers, a cyber hacking group, confirm NOPEN as one of the key powerful weapons in the TAO arsenal that is used prolifically to attack and steal secrets from digital devices worldwide.

The Anzer report also reveals another cyberweapon platform "boundless informant," an exclusive tool for summary analysis and visualization of NSA data. The platform is capable of collecting, managing, and analyzing data around the world illegally obtained by NSA's remote-control tools such as NOPEN.

TAO drives U.S. cyber warfare operations

This undated handout shows the National Security Agency (NSA) headquarters at Fort Meade, Maryland, U.S. The Tailored Access Operations (TAO) was founded as part of the NSA in 1998 with a clear mandate to tap the internet for secretly accessing insider information on Washington's rivals. /CFP

This undated handout shows the National Security Agency (NSA) headquarters at Fort Meade, Maryland, U.S. The Tailored Access Operations (TAO) was founded as part of the NSA in 1998 with a clear mandate to tap the internet for secretly accessing insider information on Washington's rivals. /CFP

The report provides an insight into TAO's strategic importance in U.S. cybersecurity and cyberwar operations while also showing why the world must take note and be worried about the growing reach of cyberattacks and cyber thefts commissioned by the U.S. agencies.

TAO was founded as part of the NSA in 1998 with a clear mandate to tap the internet for secretly accessing insider information on Washington's rivals, including covertly invading target countries' key information and communication infrastructure to steal account codes, break or destroy computer security systems, monitor network traffic, steal private and sensitive data including access to phone calls, emails, network communications, and messages.

TAO's organizational structure consists of one "center" and four "divisions" that employ more than 1,000 active military personnel, network hackers, intelligence analysts, academics, computer hardware and software designers, and electronics engineers. The 600-strong "center" is responsible for receiving, sorting, and summarizing account passwords and important sensitive information stolen from around the world by network information systems controlled remotely by TAO.

No wonder, TAO serves as a key support system for the U.S. military's Cyber Warfare Command. In times of conflicts at the demand of the U.S. President, TAO can provide relevant cyberattack weapons to the Cyber Warfare Command to execute an attack to disable or destroy communications networks or information systems in other countries.

Reports show that China remains the main target of U.S. cyberattacks and while Russia and Iran are among the other key targets, since 2008, NSA had launched such attacks against at least 45 countries including close allies like the UK, France, South Korea, Poland, and Japan.

Just last year, reports of the NSA using a partnership with Denmark's foreign intelligence unit to spy on then-German Chancellor Angela Merkel, French President Emmanuel Macron and, other senior European politicians and officials raised an alarm in Europe's power corridors. Both the German and the French leaders reacted in anger stating that spying on allies is unacceptable.

Five Eyes form an 'axis of cyber theft'

For long, critics have warned that armed with some of the world's most secret and powerful cyberweapons, the NSA has turned "rogue." /CFP

For long, critics have warned that armed with some of the world's most secret and powerful cyberweapons, the NSA has turned "rogue." /CFP

But the news was hardly surprising. For long, critics have warned that armed with some of the world's most secret and powerful cyberweapons, the NSA has turned "rogue."

As early as 2014, Wikileaks Founder Assange warned of the danger of the NSA's "unfettered" power. "The NSA has grown to be a rogue agency. It has grown to be unfettered … the ability to surveil everyone on the planet is almost there, and arguably will be there within a few years. And that's led to a huge transfer of power from the people who are surveilled upon, to those who control the surveillance complex."

Assange was hounded by the U.S. for publishing several leaks, notably by former U.S. Army intelligence analyst Chelsea (nee Bradley) Manning and Snowden, revealing some of the murkier deeds of American intelligence networks including the NSA and their global partners.

Reacting to the Anzer report on Operation Black Hand, Chinese Foreign Ministry Spokesperson Wang Wenbin on Wednesday remarked that "the US has become the primary threat to cybersecurity for not only China but also the world at large."

"The information revealed by the report demonstrates that the cyber agencies of the UK and other 'Five Eyes' countries as well as some European countries have assisted and participated in the U.S.'s cyber theft operations around the globe. This indicates that the U.S. has been building an 'axis of cyber theft' with the U.S. at its center," Wang noted.

The NSA's global invasion has been backed by a complex network of cyberweapon platforms TAO. According to some analysts, part of the cyberweapon is reportedly intended for products by some U.S. tech giants Apple, Cisco, and Dell products. They say the tools were also developed with the support and full participation of these tech giants.

Noting that the Anzer report shows how some U.S.-based software and hardware companies have been involved in almost each and every stage of the U.S.'s cyber weapons research and development, Wang warned about the threats of such collusion between the U.S. tech giants and cyber warfare agencies.

"A report released by China's National Computer Virus Emergency Response Center not long ago points out that for the existing international internet backbone network and critical information infrastructure that contain software or hardware provided by U.S. companies, it is highly likely that various types of backdoor could be installed, making them targets of U.S. government cyberattacks wherever they are."

"It's obvious that the U.S.'s attack and smear against China citing national security grounds is aimed for nothing but facilitating its irresponsible cyber theft. China urges the US to immediately stop malicious cyber activities around the world and be responsible in cyberspace," he added.

The U.S. views high-tech cyber weapons as a winning advantage in future cyber warfare and invests colossal resources to covertly weaponize the international digital space, that is bound to bring hidden dangers to global cybersecurity.

(If you want to contribute and have specific expertise, please contact us at opinions@cgtn.com. Follow @thouse_opinions on Twitter to discover the latest commentaries in the CGTN Opinion Section.)

Search Trends