China is investigating alleged cyberattacks perpetrated by US operatives during the Asian Games held in Harbin this past February. The investigation has led to the naming of three individuals allegedly working for the US National Security Agency (NSA). Chinese authorities have accused these individuals of targeting critical infrastructure and systems related to the Games.

The Harbin Public Security Bureau has identified Katheryn A. Wilson, Robert J. Snelling, and Stephen W. Johnson as the alleged US operatives. These individuals are said to be affiliated with the NSA's Office of Tailored Access Operations (TAO). According to Chinese authorities, TAO was also behind a 2022 cyberattack on a Chinese aviation university. The three individuals are now on a wanted list.

According to reports, the alleged attacks targeted various critical systems, including those managing the Asian Winter Games, such as registration, competition entry, and travel platforms. These systems contained sensitive personal data of individuals associated with the Games. The attacks reportedly continued during the Games in an attempt to disrupt operations. Beyond the Asian Games, the NSA allegedly targeted critical infrastructure in Heilongjiang province, including energy, transportation, water resources, telecommunications, and defense research institutions. The Chinese tech company Huawei was also reportedly targeted.

Chinese authorities claim the NSA used front organizations to purchase IP addresses from various countries and anonymously rented servers in Europe and Asia to carry out the attacks. They allege the NSA transmitted encrypted data packets to specific devices running Microsoft Windows operating systems within the province, potentially to activate pre-implanted backdoors. The University of California and Virginia Tech have also been implicated in the attacks, with reports suggesting these institutions have ties to the NSA in cyber warfare.

The Chinese Foreign Ministry has condemned the alleged cyberattacks, stating they caused serious harm to China's critical infrastructure, national defense, finance, society, production, and the personal information security of Chinese citizens. They have urged the US to adopt a responsible attitude on cybersecurity issues, cease cyberattacks, and stop making unwarranted accusations against China. The US Embassy in Beijing has not yet responded to requests for comment.

These accusations come amid ongoing tensions between the US and China regarding cybersecurity. Both countries have repeatedly accused each other of state-sponsored cyberattacks. Just last month, the US Department of Justice unsealed indictments against 12 Chinese nationals accused of hacking on behalf of the Chinese government, targeting various US entities and foreign governments. China has consistently denied involvement in overseas cyber espionage.