Tao Wan now works at IBM, but said he was once an angry young man, a veteran of the hacking scene that burgeoned in China in the late 1990s.
Wan channeled his youthful frustrations through the famed Green Army hacker group, of which he was a member before leaving to found the China Eagle Union. It, like the Green Army, is believed to have defaced foreign websites.
These days, the 41-year-old Wan has mellowed. He works in Beijing as a managing consultant on IBM’s Cloud Tiger Team, which sells the company’s cloud computing services.
But Wan still has keen insights into the motivations and capabilities of today’s malicious hackers in China, who often are blamed for ever-increasing cyber attacks against the U.S.
The picture he paints is not one of a well-oiled machine in which talented hackers are scooped up by the Chinese government and swiftly integrated into malicious campaigns. On the contrary, he said, it’s one of semi-talented, self-educated hackers, some driven by nationalistic feelings to stir up trouble in the form of electronic protests, and others seeking to profit from their knowledge.
Hackers born in the 1990s learned their skills in Internet cafes while their parents were away at work, Wan said.
"This generation of hackers are not that technically capable, they just like to show off — young kids with a low technical ability," said Wan, who spoke at the Power of Community security conference on Thursday in Seoul.
In the past, Chinese hackers have been spurred into action by geopolitical controversies, such as when Japanese politicians visit the Yasukuni Shrine, a memorial in Tokyo to Japan’s military, including war criminals from World War II.
But Wan sees change coming. "I think they are coming out of the nationalistic phase," he said. "I believe the nationalistic intent will fade even further in the future."
Many of the hackers are turning away from the darker side of the security field and instead looking for opportunities in building legitimate businesses. Wan has played a part in that, turning the China Eagle Union into a non-governmental organization called the Intelligence Defense Friends Laboratory, which is intended to encourage more positive behavior.
"Hackers are not destroyers," Wan said. "They must be builders and do something."
China’s billion-plus population means that proportionally, there are a lot of hackers in China. China has an active cyber police, but the country is large. Nonetheless, "you can’t say enforcement is non-existent in China," Wan said.
The authorities can show a soft touch, which Wan has felt himself: At one time before launching a new attack campaign, he was visited by the police, who persuaded him and others to hold off.
Contact between the Chinese government and hackers is inevitable in one form or another, just as it would be between companies and the government anywhere, Wan said. But China doesn’t really employ hackers. Hacker tend to be of a lower social level and don’t fit the type of a civil service worker, let alone become officially hired.
Besides, official government work would be a dull, 9 a.m. to 5 p.m. job. "If there was an opportunity, I would refuse it," he said
That said, China does have it own hacking capabilities within its government agencies, but there is a difference in skills compared to countries such as the U.S. and Russia.
"Especially in some government agencies they are very sophisticated but the overall hacking ability is still less sophisticated that other countries," Wan said. "They need to become more competitive."
IDG News Service
Subscribers 0
Fans 0
Followers 0
Followers