Prakash Nanda
There is now a growing global concern that China’s cyber offensives against foreign targets are becoming increasingly effective because of the sophisticated fusion of its civilian technological institutions with their military counterparts, something the democratic countries are finding difficult to replicate.
Ever since President Xi Jinping unveiled China’s ambition to transform into a ‘cyber power’ in 2014, Beijing has reportedly invested billions of dollars to realise it. This vision has simultaneously been pursued with large investments, organisational refinements within and across security agencies, and the establishment of relevant legal frameworks to bolster China’s offensive and defensive cyber capabilities. However, what is not so well-known is the role that China’s civilian hacker community has played in this endeavour, working in tandem with and supporting state efforts.
Western product focus
An examination of their participation in prominent hacking competitions and bug bounty programmes suggests that China’s primary civilian hacking teams and their research are now believed to focus on Western products and systems. These teams are said to be affiliated with companies that collaborate with Government agencies on a wide spectrum of cyber activities. China is using these companies to find vulnerabilities in their own computer networks and then tapping that knowledge to target foreign nations and industries.
Last month, US and British officials publicly warned of a growing cyber threat from China. The White House cyber director said Beijing was capable of causing havoc in cyberspace, and a UK spy agency chief warned of an “epoch-defining” challenge.
In April, US officials had alleged a sweeping cyberespionage campaign dubbed ‘Volt Typhoon’, in which Chinese hackers broke into dozens of American critical infrastructure organisations, using a vast global network of compromised personal computers and servers.
Strengthening offensive
A significant piece of research by Eugenio Benincasa, Senior Researcher in the Cyber Defense Project with the Risk and Resilience Team at the Center for Security Studies (CSS) at ETH Zürich, highlights how China is strengthening its cyber offensives. His paper, titled ‘From Vegas to Chengdu: Hacking Contests, Bug Bounties, and China’s Offensive Cyber Ecosystem,’ reveals how a sophisticated system has been developed in China that enables attackers to gain unauthorised access, navigate through a network, pilfer data, or compromise a system.
Some of the important revelations in this study are highlighted in the following paragraphs. The Chinese hackers are evaluated based on their performance at the ‘hacking competitions’ they participate in, both in China and abroad (the bug bounty programmes of Apple, Google Android, and Microsoft, for instance). These competitions incentivise participants to analyse the newest types of security threats, assess them, and practise remediating such issues.
Hacking competitions
Chinese hackers may be roughly divided into two distinct groups. Prominent Chinese researchers who have distinguished themselves by winning or participating in prestigious competitions are often affiliated with Level 1 Technical Support Units, which are Chinese companies that have links with China’s premier intelligence agency.
These researchers have refined their abilities over time through incentives offered by international hacking competitions and bug bounty programmes, with Western products and systems frequently being their most sought-after targets. But they are not directly linked to Chinese state-sponsored cyber operations; it is their companies that are linked. The second group encompasses non-public-facing Government-contracted hackers. These individuals have not participated in hacking competitions and are not generally contributors to bug bounty programmes.