Ministry of State Security Statement on National Time Service Center Cybersecurity Incident

Beijing, 19 October 2025 — China’s Ministry of State Security (MSS) issued a statement confirming that foreign intelligence actors attempted to infiltrate the National Time Service Center (NTSC), the institution responsible for maintaining the nation’s official time standard. The MSS reported that the attackers exploited vulnerabilities in staff mobile devices and used advanced cyber tools to access internal systems over an extended period.

Details of the Attack: According to the MSS, the campaign began as early as 2022, focusing on compromising NTSC personnel and internal networks. The attackers allegedly aimed to steal sensitive technical data and disrupt critical time synchronization services that support telecommunications, financial systems, transportation networks, and power grids across China.

Impact and Risk: The National Time Service Center plays a vital role in maintaining accurate time signals for critical infrastructure. Any disruption could affect synchronization across communication networks, financial transactions, and industrial control systems. The MSS emphasized that its early detection prevented major operational failures and that the agency has neutralized the tools used in the attack.

Government Response: Following the discovery, MSS coordinated with NTSC and other government bodies to secure affected systems, patch vulnerabilities, and enhance defensive monitoring. The agency also initiated broader inspections of other time-service facilities to prevent similar breaches. Authorities urged all critical infrastructure operators to heighten vigilance and strengthen endpoint security for personnel handling sensitive data.

Recommendations for Organizations:

• Include time servers and related systems in routine cybersecurity risk assessments.
• Secure staff mobile devices with strong authentication and regular software updates.
• Monitor for irregular time synchronization activities and unauthorized configuration changes.
• Establish direct coordination channels with national cybersecurity agencies for reporting anomalies.

Takeaway: The incident highlights the growing strategic importance of timing infrastructure and its attractiveness as a cyber target. Attacks on such systems could have far-reaching consequences across multiple sectors. Strengthening cybersecurity around time synchronization and related infrastructure is now a critical national and organizational priority.