Name a target anywhere in China, an official at a state-owned company boasted recently, and his crack staff will break into that person’s computer, download the contents of the hard drive, record the keystrokes and monitor cellphone communications too.
Pitches like that, from a salesman for Nanjing Xhunter Software, were not uncommon at a crowded trade show this month that brought together Chinese law enforcement officials and entrepreneurs eager to win government contracts for police equipment and services.
“We can physically locate anyone who spreads a rumor on the Internet,” said the salesman, whose company’s services include monitoring online conversations and pinpointing who has been saying what about whom.
The culture of hacking in China is not confined to top-secret military compounds where hackers carry out orders to pilfer data from foreign governments and corporations. Hacking thrives across official, corporate and criminal worlds.
Whether it is used to break into private networks, track online dissent back to its source or steal trade secrets, hacking is openly discussed and even promoted at trade shows, inside university classrooms and on Internet forums.
The Chinese Ministry of Education and a number of universities, for instance, join companies in sponsoring hacking competitions that are attended by army talent scouts, although “the standards can be mediocre,” said a cybersecurity expert who works for a government institute and handed out awards at a 2010 competition.
Corporations employ freelance hackers to spy on competitors. In an interview, a former hacker confirmed recent official news reports that one of China’s largest makers of construction equipment had committed cyberespionage against a rival.
One force behind the spread of hacking is the government’s insistence on maintaining surveillance over anyone deemed suspicious. So local police departments contract with companies like Xhunter to monitor and suppress dissent, insiders say.
Dissident artist Ai Weiwei (艾未未) said he received three messages from Google around 2009 saying his e-mail account had been compromised, an increasingly common occurrence in China among people deemed subversive. When the police detained him in 2011, he said, they seized 200 pieces of computer equipment and other electronic hardware.
“They’re so interested in computers,” Ai said. “Every time anyone is arrested or checked, the first thing they grab is the computer.”
There is criminal hacking, too. Keyboard jockeys break into online gaming programs and credit card databases to collect personal information. As in other countries, the Chinese police have expressed growing concern.
Some hackers see crime as more lucrative than legitimate work, but opportunities for skilled hackers to earn generous salaries abound, given the growing number of cybersecurity companies providing network defense services to the government, state-owned enterprises and private firms.
“I have personally provided services to the People’s Liberation Army [PLA], the Ministry of Public Security and the Ministry of State Security,” said a prominent former hacker who used the alias “V8 Brother” for this interview because he feared scrutiny by foreign governments.
He said he had done the work as a contractor and described it as defensive in nature, but declined to give details.
“If you directly work for the government, there could be secret projects or secret missions,” the hacker said.
However, government jobs are usually not well-paid or prestigious, and most skilled hackers prefer working for security companies that have cyberdefense contracts, as V8 Brother does, he and others in the industry say.
Self-trained, the hacker teamed up with China’s patriotic “red hackers” more than a decade ago. Then he began working for cybersecurity companies and was recently making US$100,000 a year, he said.
V8 Brother said this cyberworld was so arcane that senior Chinese officials did not know details about computer work at government agencies.
“You can’t even explain to them what you’re doing,” he said. “It’s like explaining computer science to a construction worker.”
In Washington, officials criticize what they consider state-sponsored attacks. The officials say intrusions against foreign governments and businesses are growing, and the Pentagon this month accused the Chinese military of attacking US government computer systems and defense contractors. The administration of US President Barack Obama, which itself has ordered cyberattacks against Iran, has made cybersecurity a priority in talks with China.
The Chinese Ministry of Foreign Affairs says China opposes hacking attacks and is itself a victim.
The furor in Washington intensified in February after the New York Times and other news organizations published details of hacking efforts against their own networks and the findings of a report by a cybersecurity company, Mandiant. The report said a shadowy group within the PLA, Unit 61398, ran a formidable hacking and espionage operation against foreign entities out of a building on the outskirts of Shanghai.
In China, the unit is just one part of the complex universe of hacking and cybersecurity. And the military units are not a well-kept secret. At least four former employees of Unit 61786, responsible for cryptography and information security, have posted resumes on job-search Web sites listing employment in the unit.
Another job seeker reported employment in Unit 61580; the unit has engineers specializing in “computer network defense and attack,” according to the Project 2049 Institute, a nongovernmental organization in Virginia that studies security and policy issues in Asia.
Members of Unit 61398, the bureau mentioned by Mandiant, have written several papers on hacking and cybersecurity with professors at Shanghai Jiaotong University, which has a prominent information security department. Across China, the universities labeled jiaotong (交通) — meaning communications — are taking the lead in building cybersecurity departments. The military recruits at the universities and runs its own training center, the PLA Information Engineering University, in Zhengzhou.
However, cybersecurity experts in China say the schools often churn out students who know theory, but lack practical skills. That could explain why many Chinese hacking attacks that have been discovered do not appear very sophisticated.
US cybersecurity experts say attacks from Chinese groups often occur only from 9am to 5pm Beijing time. And unlike, say, the Russians, Chinese hackers do not tend to cloak their movements, said Darien Kindlund, manager of the threat intelligence group for FireEye, a cybersecurity firm based in Milpitas, California.
“They’re using the least amount of sophistication necessary to accomplish their mission,” Kindlund said. “They have a lot of manpower available, but not necessarily a lot of intelligent manpower to conduct these operations stealthily.”
The culture of hacking began in China in the late 1990s. The most famous underground group then was Green Army. One sign of how hacking has gone mainstream is the fact that the name of a later incarnation of Green Army — Lumeng — is now being used by a top cybersecurity company in China. (Its English name is NSFOCUS.)
These companies are often started by prominent hackers or employ the hackers to do network security. They have polished Web sites that list Chinese government agencies and companies as their clients. They also list foreign clients — one company, Knownsec, lists Microsoft — and have offices abroad.
The Web site of another company, Venustech, says its clients include more than 100 government offices, among them almost all the military commands. The company, which declined an interview request, has a hacking and cyberdefense research center.
Another former hacker said the monolithic notion of insidious, state-sponsored hacking now discussed in the West was absurd. The presence of the state throughout the economy means hackers often end up doing work for the government at some point, even if it is through something as small-scale as a contract with a local government office.
“I don’t think the West understands,” he said. “China’s government is so big. It’s almost impossible to not have any crossover with the government.”
Large companies in China are employing hackers for industrial espionage, in operations that involve complex tiers of agents who hire the hackers. Sany Group, one of China’s biggest makers of construction equipment, hired hackers to spy on Zoomlion, a rival, according to official media reports confirmed by the former hacker. Sany declined to comment.
That hacker said he knew the middleman agent who had hired the cyberspies for Sany. The agent was a security engineer who owned two apartments in Beijing and had been under pressure to meet mortgage payments.
“In China, everyone is struggling to feed themselves, so why should they consider values and those kinds of luxuries?” the former hacker said. “They work for one thing, and that’s for money.”
Additional reporting by Jonathan Ansfield
Recently, China launched another diplomatic offensive against Taiwan, improperly linking its “one China principle” with UN General Assembly Resolution 2758 to constrain Taiwan’s diplomatic space. After Taiwan’s presidential election on Jan. 13, China persuaded Nauru to sever diplomatic ties with Taiwan. Nauru cited Resolution 2758 in its declaration of the diplomatic break. Subsequently, during the WHO Executive Board meeting that month, Beijing rallied countries including Venezuela, Zimbabwe, Belarus, Egypt, Nicaragua, Sri Lanka, Laos, Russia, Syria and Pakistan to reiterate the “one China principle” in their statements, and assert that “Resolution 2758 has settled the status of Taiwan” to hinder Taiwan’s
Singaporean Prime Minister Lee Hsien Loong’s (李顯龍) decision to step down after 19 years and hand power to his deputy, Lawrence Wong (黃循財), on May 15 was expected — though, perhaps, not so soon. Most political analysts had been eyeing an end-of-year handover, to ensure more time for Wong to study and shadow the role, ahead of general elections that must be called by November next year. Wong — who is currently both deputy prime minister and minister of finance — would need a combination of fresh ideas, wisdom and experience as he writes the nation’s next chapter. The world that
Can US dialogue and cooperation with the communist dictatorship in Beijing help avert a Taiwan Strait crisis? Or is US President Joe Biden playing into Chinese President Xi Jinping’s (習近平) hands? With America preoccupied with the wars in Europe and the Middle East, Biden is seeking better relations with Xi’s regime. The goal is to responsibly manage US-China competition and prevent unintended conflict, thereby hoping to create greater space for the two countries to work together in areas where their interests align. The existing wars have already stretched US military resources thin, and the last thing Biden wants is yet another war.
Since the Russian invasion of Ukraine in February 2022, people have been asking if Taiwan is the next Ukraine. At a G7 meeting of national leaders in January, Japanese Prime Minister Fumio Kishida warned that Taiwan “could be the next Ukraine” if Chinese aggression is not checked. NATO Secretary-General Jens Stoltenberg has said that if Russia is not defeated, then “today, it’s Ukraine, tomorrow it can be Taiwan.” China does not like this rhetoric. Its diplomats ask people to stop saying “Ukraine today, Taiwan tomorrow.” However, the rhetoric and stated ambition of Chinese President Xi Jinping (習近平) on Taiwan shows strong parallels with