In a rare and revealing diplomatic exchange, Chinese officials have subtly acknowledged links to a series of cyber intrusions aimed at critical infrastructure across the United States, according to officials familiar with a confidential summit held late last year.
The admission, though indirect, was interpreted by U.S. diplomats as confirmation of China’s role in prolonged cyber campaigns that have infiltrated ports, power grids, water systems, and transportation hubs. The operations, known as “Volt Typhoon” among cybersecurity experts, are believed to be part of a broader strategy to gain control over U.S. systems in the event of a geopolitical crisis, particularly involving Taiwan.
The conversation took place during a closed-door meeting in Geneva attended by high-ranking U.S. officials from the intelligence and defense communities. According to sources, Chinese representatives suggested that these operations were in response to growing American military and diplomatic support for Taiwan.
Technical analysis of the Volt Typhoon campaign highlights advanced “living-off-the-land” methods, where attackers use built-in tools like PowerShell to evade detection. The hackers reportedly exploited vulnerabilities in widely used network hardware, maintaining long-term access via stealthy encrypted communications.
The summit also covered a separate operation, dubbed “Salt Typhoon,” which allegedly penetrated major U.S. telecom providers. This breach reportedly granted Chinese operatives access to sensitive communications of government personnel and political figures, including individuals involved in upcoming U.S. presidential campaigns.
These developments come amid escalating tensions between Washington and Beijing, with both nations trading economic blows and cyber capabilities increasingly becoming tools of strategic influence. U.S. officials have expressed growing alarm over foreign cyber actors embedding themselves within systems crucial to national safety and public life.
