For months, China has tried to turn the tables on the U.S. to counter accusations that it hacks America's computers and networks. Now, former intelligence contractor Edward Snowden may have handed Beijing a weapon in its cyber war of words with Washington.
In an interview with the South China Morning Post newspaper, Snowden claims the U.S. has long been attacking a Hong Kong university that routes all Internet traffic in and out of the semiautonomous Chinese region.
- 10 whistleblowers and the scandals they spurred
- Neil Macdonald: Obama's whistleblower conundrum
- Neil Macdonald: Big Brother listening, no one seems to care
- Read the South China Morning Post story
Snowden said the National Security Agency's 61,000 hacking targets around the world include hundreds in Hong Kong and mainland China, the paper reported late Wednesday. The Post, Hong Kong's main English-language newspaper, said Snowden had presented documents to support those claims, but it did not describe the documents and said it could not verify them.
Snowden's comments were his first since the 29-year-old American revealed himself as the source of a major leak of top-secret information on U.S. surveillance programs. He flew to Hong Kong from Hawaii before revealing himself, and the Post said he is staying out of sight amid speculation the U.S. may seek his extradition.
Snowden, who worked for the CIA and later as a contractor for the NSA, has revealed details about U.S. spy programs that sweep up millions of Americans' telephone records, emails and Internet data in the hunt for terrorists. American law enforcement officials are building a case against him but have yet to bring charges.
U.S. officials have disputed some of his claims, particularly his assertion to the Guardian newspaper of Britain that he "had the authority to wiretap anyone." He also said he made $200,000 a year, although contractor Booz Allen Hamilton, where he worked before being fired this week, said his salary was $122,000.
Snowden's allegations about U.S. hacking add a new twist to the long-running battle between Washington and Beijing over cybersecurity.
The U.S. been delivering a steady flow of reports accusing China's government and military of computer-based attacks against America. U.S. officials have said recently that the Chinese seem more open to trying to work with the U.S. to address the problems.
Snowden's allegations follow comments last week from China's Internet security chief, who told state media that Beijing has amassed huge amounts of data on U.S.-based hacking. The official held off on blaming the U.S. government, saying it would be irresponsible and that the better approach is to seek to co-operate in the fight against cyberattacks.
On Thursday, Ministry of Foreign Affairs spokeswoman Hua Chungying said China is a "major victim" of cyberattacks but did not lay blame.
Hacking since 2009
The reaction was stronger online. Air Force Col. Dai Xu, known for the hawkish opinions he voices on his Sina Weibo microblog, wrote: "I have always said, the United States' accusations about Chinese hacking attacks have always been a case of a thief crying for another thief to be caught."
The Post cited Snowden as saying the NSA has been hacking into computers in Hong Kong and mainland China since 2009, citing documents he showed the paper, which it said it could not verify. It didn't provide further details about the documents.
He said that among the targets was the Chinese University of Hong Kong, which hosts the Hong Kong Internet Exchange, the main hub for the city's Internet traffic. Set up in 1995, it allows all data between local servers to be routed locally instead of having to pass through exchanges in other countries, including the United States.
"We hack network backbones — like huge Internet routers, basically — that gives us access to the communications of hundreds of thousands of computers without having to hack every single one," Snowden told the Post.
Included Hong Kong officials
According to Snowden's documents, other NSA hacking targets included Hong Kong public officials, students and businesspeople, as well as targets on the mainland, though they did not include Chinese military systems, the paper said, without providing further details.
A large number of mainland Chinese businesses, including ones that are state-owned, have offices in Hong Kong, a former British colony that passed back to Chinese control in 1997. The People's Liberation Army has a base in Hong Kong and the Beijing central government and foreign affairs department have offices.
The university is also home to the Satellite Remote Sensing Receiving Station, which captures data and imagery used to monitor the environment and natural disasters in a 2,500-kilometre radius around Hong Kong, an area that includes most of mainland China and Southeast Asia.
Staff at the facilities did not return phone calls.
The school said in a statement that "every effort is made to protect" the exchange, which is monitored around the clock to defend against threats.
Also a victim
"The university has not detected any form of hacking to the network, which has been running normally," it said.
At a meeting in California last week, President Barack Obama pushed Chinese President Xi Jinping to do more to address online theft of U.S. intellectual and other property coming from China. Xi claimed no responsibility for alleged cyberespionage and said China was also a victim.
Virginia-based cybersecurity firm Mandiant published a detailed report in February directly linking a secret Chinese military unit in Shanghai to years of cyberattacks against U.S. companies.
In November 2011, U.S. intelligence officials publicly accused China for the first time of stealing American high-tech data for economic gain.