A pair of recently surfaced screenshots appear to offer unusual detail about a special month-long operation, held in Beijing and involving over 40 Ministry of Public Security computer specialists from around the country, to combat “overseas cyber forces” in the battle for public opinion. The apparently leaked internal instructions from the Ministry of Public Security are likely to be the result of an email breach. They include the names and locations of many of the computer-specialist officers, as well as the name and contact information of the individual in charge of the operation. At some point in their journey, the documents have also acquired a colorful manga watermark; a smiling female nurse offering commentary from the bottom of each page.
CDT Chinese editors believe that the leaked instructions (excluding the nurse) are authentic, and have been able to confirm that 11 of the listed individuals are indeed cyber-police officers from various localities. (For more screenshots and other detailed evidence verifying the identity of the officers, please see the original CDT Chinese post.) The following translation of the post offers more detail about the operation, as well as images of the two screenshots:
On March 24, 2023, the Eleventh Bureau of the Chinese Ministry of Public Security issued internal instructions for plans to send more than 40 seasoned “online investigators, big-data systems engineers, and data-mining specialists” from across the country to Beijing for a month-long “special reconnaissance operation” to take place between March 27 and April 27, 2023. The stated purpose of the operation is to “dispatch personnel to engage with overseas ‘cyber forces’ in the battle for public opinion, and to effectively maintain online political security.”
The leaked instructions, which appear to have been obtained via an email breach, reveal that the special operation was organized by Department 22 of the Eleventh Bureau of the Chinese Ministry of Public Security. The Eleventh Bureau, known to be an internal bureau of the Ministry of Public Security, is tasked with handling computer and internet security and cybercrime cases, and managing the nation’s cyber-police force. The individual responsible for the special operation is listed as Hu Fengming (his internal telephone number and mobile phone number are included at the bottom of the notice). The instructions are addressed to multiple “Public Security Bureau Internet Security Units” in over 40 cities, provinces, and autonomous prefectures. There is also a second-page addendum that lists the real names of 32 “combatants,” public security officers slated to participate in the operation, and the locations they were sent from. For Shanghai, Chongqing, and Yunnan, there are no names listed, just the request, “Send two technical officers familiar with big-data systems architecture and data mining (Please contact Department 22.)” For Beijing, the instructions read, “Beijing is invited to send participants as desired.”
China Digital Times has independently verified the identities of some of the participating officers on the list via Internet searches and cross-referencing for validation. At present, we have been able to confirm that the following 11 listed individuals are indeed cyber-police officers from various localities, and we have preserved screenshots with the relevant evidence. For these reasons, we believe the leaked instructions to be authentic.
Tianjin: Ren Jianzhong
Liaoning: Sun Wen
Shanghai: Yang Zepu
Jiangsu: Cai Du
Wuxi, Jiangsu: Jiang Yuxiang
Taizhou, Zhejiang: Chen Chengcheng
Zhejiang: Wang Weifeng
Fujian: Zhan Xianliang
Qingdao: Han Zhikui
Chongqing: Yue Jingbiao
Sichuan: Ye Hongzhi
Chinese officials appear to have learned of the leak and taken action to delete some (but not all) online biographical content about the participating officers. Baidu Encyclopedia pages for the listed officers have been taken offline, as have some news articles mentioning the names of officers.
Weibo also seems to have “cleaned up” content related to the list of names: some of the names yield many search results that appear as blank pages on Weibo’s home-page search (web version). In addition, Weibo searches for some of the names only show content posted by “verified” users. [Chinese]
In a video posted on May 25, Youtube commentator 公子沈 (Gongzi Shen, “Mr. Shen”) shared the news and screenshots from CDT, and mentioned that he, too, had been able to confirm the identities of 11 of the officers. The following is a partial translation of his commentary on the purpose of the cyber-operation, taken from 13:34-14:00 in his video:
To put it bluntly, it’s a war of words, a battle of words. But who are these so-called “overseas cyber forces”? I’m still puzzled about that. I’m guessing it means channels like this. Or like the fact that I sometimes speak out on Twitter. I’m guessing they must see us as “overseas cyber forces.” Since they’re the “domestic cyber forces,” they have to go out in search of some “overseas cyber forces.” Otherwise, who would they fight? In fact, it’s us they’re planning to fight, right? Those of us who express our opinions freely, and are willing to go head-to-head with them. [Chinese]