The Chinese Embassy in Canada publicly accused the US of conducting cyberattacks against its infrastructure targets, as a pointed diplomatic counter-offensive, vehemently denying any China cyber attack involvement in the “Brickstorm” malware campaign.
The US is currently moving to freeze new sanctions against Beijing to salvage whatever’s left of its already fragile negotiations. Only days before the Chinese spokesperson called the US as the ultimate “hacker empire” in Canada.
Lacking any bulletproof evidence, Beijing’s public accusations are part of a shadow cyber war between both superpowers, surfacing at a critical time for Trump administration as its tries to save face.
President Trump, following his frenzy tariff war, is trying to preserve a delicate diplomatic channel with President Xi, as evidently seen by the reportedly paused implementation of planned sanctions. A concession that will keep trade talks on track, despite past accusations of any China cyber attack on US.
“The administration appears to be giving ground on export controls to secure President Trump’s upcoming trip and buy time to diversify critical mineral reliance away from China,” said security expert, Zack Cooper.
The US needs to maintain a consistent flow of rare earth minerals, needed for the chips and defense systems. That need is another – or main – motive for Washington’s willingness to take a more aggressive stance.
China Cyber Attack Warning Ignored
When the Canadian Cyber Security Centre, alongside the US Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA), released a joint analysis regarding the Brickstorm malware, that’s when the weight of the China malware attack revealed Beijing’s stance on Washington cyber conduct towards its adversaries.
It basically confirmed that the Chinese government backed threat actors used the malware to infiltrate the systems of “government agencies, facilities, and IT organizations.”
Brickstorm which can run on Linux, VMware, and Windows systems, is described as sophisticated malware that allows China cyber attacks and attackers to “obtain credentials, control machines, move laterally across networks, and establish communication and data transfer tunnels.”
In one documented case, cyber war China attackers gained access to a VMware vCenter server in April 2024 and maintained control for over a year and a half.
A Chinese reporter’s inquiry regarding the report received a sharp rebuke, with the official stating, “The so-called analysis report ignores the United States’ rampant cyber attacks, while making baseless accusations against China. This is a classic case of the pot telling the cauldron it’s black, and it’s malicious. China firmly opposes it.”
The official urged Canada “to immediately stop following the US lead, to stop politicizing and stigmatizing cybersecurity issues, and to stop instrumentalizing cybersecurity issues to smear China.”
Prioritizing Commerce over Security
The decision to ‘pause’ war driving cyber security sanctions originally prepared by the Trump administration against the Ministry of State Security and its contractors reveals a main tension in US China policy.
The Salt Typhoon campaign, which reportedly broke into systems carrying unencrypted communications of top American officials, presents a clear and present danger to national security.
The dilemma here is that the China cyber attack continues to this point deny the hacking accusations, but its sophisticated China and cyber attacks nevertheless manage to reach the US and threaten critical infrastructure and sensitive information.
At the same time, America pauses sanctions regarding the art of cyber war, is to keep essential trade talks alive, creating an environment where China can gain more digital advantage, potentially viewing the lack of punitive action as tacit permission to continue its cyber espionage.
The intelligence threat from China administration’s focus on stability, coupled with internal debates over allowing the export of advanced chips like the Nvidia H200 to China, shows the difficulty of dissociating from the world’s second largest economy.
As officials work to manage the cyber attack in China détente, some within the government worry that holding back on sanctions may “weaken the US response to cyber threats.”
The American decision at this point is to cover up its economic relationship with China from the consequences of US vs China cyber warfare highlights a geopolitical calculation that, for now, sacrifices immediate security accountability for the supposed stability required to navigate a delicate China cyber warfare capabilities and essential global trade dynamic.
Inside Telecom provides you with an extensive list of content covering all aspects of the tech industry. Keep an eye on our Cybersecurity sections to stay informed and up-to-date with our daily articles.