China Accuses U.S. Of Launching Advanced Cyber Attacks During Asian Winter Games - 1

Photo by Azamat E on Unsplash

China Accuses U.S. Of Launching Advanced Cyber Attacks During Asian Winter Games

  • Written by Andrea Miliani Former Tech News Expert
  • Fact-Checked by Sarah Frazier Former Content Manager

The Chinese police accused the National Security Agency (NSA) of the United States and two American universities of launching “advanced” cyberattacks targeting essential industries in February, during the Asian Winter Games.

In a rush? Here are the quick facts:

  • The Chinese police reported that three NSA agents and two American universities were involved in a recent cyberattack.
  • The malicious actors targeted multiple businesses—including Huawei—, institutions, and systems containing private data.
  • The incident took place in February, during the Asian Winter Games

According to Al Jazeera , the state news agency Xinhua shared a report this Tuesday revealing that officials from the police of the city of Harbin blame three agents from the NSA, as well as the Virginia Polytechnic Institute and State University, and the University of California, as collaborators for recent malicious intrusions.

The Chinese police explain the cyberattacks were held “against important industries such as energy, transportation, water conservancy, communications, and national defence research institutions in Heilongjiang province.” However, they didn’t provide details on how the universities were involved.

According to Reuters , the Chinese police revealed the names of the NSA agents, and shared that, according to its investigation, the individuals have “repeatedly carried out cyber attacks on China’s critical information infrastructure and participated in cyber attacks on Huawei and other enterprises.”

The police’s report adds that the cyberattacks had “the intention of sabotaging China’s critical information infrastructure, causing social disorder, and stealing important confidential information.”

Xinhua’s article reveals that the NSA attack was possible as they suspect the agents used “pre-installed backdoors” through specific devices with Microsoft Windows used during the Winter Games and used different IP addresses purchased and rented network services in Asia and Europe to cover tracks.

The NSA allegedly attacked the Asian Winter Games registration system to get private data from people at the event.

“We urge the U.S. to take a responsible attitude on the issue of cyber security and … stop unprovoked smears and attacks on China,” said Lin Jian, a ministry spokesperson, in a recent news briefing.

The report on the cyberattack comes at a time of tension following the recent imposition of tariffs by the United States on China , and joins the list of recent accusations of attacks that the two countries have made against each other.

U.S. Government Funding For CVE Cybersecurity Program Set to Expire - 2

Photo by Glen Alejandro on Unsplash

U.S. Government Funding For CVE Cybersecurity Program Set to Expire

  • Written by Andrea Miliani Former Tech News Expert
  • Fact-Checked by Sarah Frazier Former Content Manager

The Common Vulnerabilities and Exposures (CVE) program faces an uncertain future as the U.S. government has not renewed its contract to support the initiative through the nonprofit organization MITRE, and it expires today, April 16. Cybersecurity experts are now warning of potential global security consequences.

In a rush? Here are the quick facts:

  • The U.S. government will not renew the contract to provide financial support to the CVE program, and it expires today.
  • The non-profit organization has sent a letter to CVE board members and assures the government is searching for alternatives.
  • Cybersecurity experts are concerned and warn about global disruption and confusion.

The CVE program, launched in 1999, has been designed to develop an ID system and help engineers and organizations identify, apply patches, and mitigate vulnerabilities worldwide. Considering a code that begins with the letters “CVE” followed by the year and a unique number—such as CVE-2024-50050 found in Meta’s AI Framework or the Chrome zero-day vulnerability CVE-2025-2783 spotted a few weeks ago—the program organizes and keeps control of global vunerabilities.

The MITRE Corporation has been maintaining and operating the CVE system since its founding and has been consistently receiving financial support from the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) for the past 25 years.

An internal letter sent from Yosry Barsoum, VP and Director of the Center for Securing the Homeland (CHS) at MITRE, to board members of the CVE has been leaked and shared publicly on Bluesky .

“We want to make you aware of an important potential issue with MITRE’s enduring support to CVE,” states the document. “On Wednesday, April 16, 2025, the current contracting pathway for MITRE to develop, operate, and modernize CVE and several other related programs, such as CWE, will expire.”

The Verge has confirmed the information disclosed on the social media platform and reached out to Barsoum who assured that the government is making efforts to continuing to support MITRE, and that, in the meantime, the Common Weakness Enumeration (CWE) program—which focuses on software and hardware vulnerabilities—will also be affected.

Cybersecurity researcher Lukasz Olejnik shared his concerns on X. “The Trump administration will effectively (at least temporarily) cripple the global cybersecurity system,” he wrote in a post. “The consequence will be a breakdown in coordination between vendors, analysts, and defense systems — no one will be certain they are referring to the same vulnerability. Total chaos, and a sudden weakening of cybersecurity across the board.”

By cutting what amounts to penny costs, the Trump administration will effectively (at least temporarily) cripple the global cybersecurity system — CVE. What is CVE? It is a global system for identifying and tracking vulnerabilities that has served as a common language for… pic.twitter.com/WBCdLz0DdT — Lukasz Olejnik (@lukOlejnik) April 15, 2025

Other experts and organizations, including MITRE, expect to find other funding sources and alternatives for the CVE program to continue its service and operations regularly.