Secret NSA map pinpoints China’s U.S. cyberattack victims

abstract art of surveillance cameras

Is your state on the list?

A newly released NSA map reportedly shows the spots where China has attacked U.S. companies over the past five years.

The map, obtained by NBC News and verified by sources who work in intelligence, shows that the National Security Agency tallied more than 600 locations target by Chinese hackers. Most of them are clustered around the major cyber and industrial hubs in the U.S. Unsurprisingly, there’s a lot of dots along the eastern corridor and West Coast, with additional concentrations in Texas, Florida, and around some of the country’s bigger cities.

 

NBC/NSA

 

That the U.S. is frequently the victim of cyberattacks from China is hardly news, though actual attribution of attacks, especially sophisticated ones, are notoriously difficult or even impossible to attribute with certainty.

Intelligence officials and members of Congress alike routinely condemn China for such attacks, with the latter using them as justification for the numerous cybersecurity bills that float around the Hill. In 2013, cybersecurity firm Mandiant even identified what it claimed was the source of most of the People’s Liberation Army’s attacks: PLA Unit 61398, outside of Shanghai. But cybersecurity experts resoundly agree that it’s a two-way street, and that the U.S., like many nations with advanced cyber capabilities, regularly hacks back.

NBC News isn’t giving details on how it obtained the map, which is marked secret but is not classified, and the NSA refused to give it or the Daily Dot official confirmation of its authenticity or answer further questions about it. But analysts told NBC it came from the NSA’s Threat Operations Center in February 2014. The agency presumably has an updated map by now—one with a few more red dots.

Illustration by Max Fleishman

Kevin Collier

Kevin Collier

A former senior politics reporter for the Daily Dot, Kevin Collier focuses on privacy, cybersecurity, and issues of importance to the open internet. Since leaving the Daily Dot in March 2016, he has served as a reporter for Vocativ and a cybersecurity correspondent for BuzzFeed.