China’s Hacker Army

Foreign Policy takes an in-depth look at the “chaotic” and dispersed world of Chinese hackers. The report argues that much of the Western reporting on cyber attacks originating in China, in light of the Aurora attack on Google, mischaracterizes the hacker movement and assumes it is a centrally controlled government effort:

But a report released Tuesday by Atlanta security firm Damballa says the Aurora attack looks like the work of amateurs working with unsophisticated tools. That revelation, along with a separate story in the Financial Times that a freelancer wrote the Aurora code, is focusing attention on China’s loose web of cowboy hackers. And SharpWinner — the leader of a coalition including anywhere from 50,000 to 100,000 civilian members and, before he disappeared from public view in 2007, a regular participant in international cyberconflicts, including the 2001 hacker war stretching from China to the White House — is just the beginning.

The Aurora attacks represented an attempt by hackers apparently based in China to steal valuable information from leading U.S. companies. (So far the list of victims includes Adobe Systems, the RAND Corporation, and Dow Chemical, in addition to Google. Over the weekend, a security researcher told Computerworld that Aurora might have penetrated more than 100 firms.) Investigators are still trying to understand where Aurora came from and what it means, but already some surprising clues have emerged. The Financial Times story followed on the heels of a New York Times story reporting that researchers have traced the attacks back to two Chinese universities, one of which has long been a training ground for freelance or “patriotic” hackers. Among the implications of these reports: The U.S. understanding of Chinese hacking is seriously out of date.

Western media accounts typically overlook freelancers in favor of bluster about the Chinese government. Some pair breathy accounts of cyberwar with images dredged up from 1960s People’s Liberation Army propaganda, as if to suggest China has some centrally administered cyberbureau housing an army of professional hackers. Others make improbable or unsubstantiated allegations.

A sidebar to the report includes a translation of “Selections from a hacker’s manifesto and how-to guide written by one of China’s preeminent hackers, Peng Yinan.”