Chinese ex-hacker says working for the government would be too boring
- 08 November, 2012 09:50
Tao Wan now works at IBM, but said he was once an angry young man, a veteran of the hacking scene that burgeoned in China in the late 1990s.
Wan channeled his youthful frustrations through the famed Green Army hacker group, of which he was a member before leaving to found the China Eagle Union. It, like the Green Army, is believed to have defaced foreign websites.
These days, the 41-year-old Wan has mellowed. He works in Beijing as a managing consultant on IBM's Cloud Tiger Team, which sells the company's cloud computing services.
But Wan still has keen insights into the motivations and capabilities of today's malicious hackers in China, who often are blamed for ever-increasing cyber attacks against the U.S.
The picture he paints is not one of a well-oiled machine in which talented hackers are scooped up by the Chinese government and swiftly integrated into malicious campaigns. On the contrary, he said, it's one of semi-talented, self-educated hackers, some driven by nationalistic feelings to stir up trouble in the form of electronic protests, and others seeking to profit from their knowledge.
Hackers born in the 1990s learned their skills in Internet cafes while their parents were away at work, Wan said.
"This generation of hackers are not that technically capable, they just like to show off -- young kids with a low technical ability," said Wan, who spoke at the Power of Community security conference on Thursday in Seoul.
In the past, Chinese hackers have been spurred into action by geopolitical controversies, such as when Japanese politicians visit the Yasukuni Shrine, a memorial in Tokyo to Japan's military, including war criminals from World War II.
But Wan sees change coming. "I think they are coming out of the nationalistic phase," he said. "I believe the nationalistic intent will fade even further in the future."
Many of the hackers are turning away from the darker side of the security field and instead looking for opportunities in building legitimate businesses. Wan has played a part in that, turning the China Eagle Union into a non-governmental organization called the Intelligence Defense Friends Laboratory, which is intended to encourage more positive behavior.
"Hackers are not destroyers," Wan said. "They must be builders and do something."
China's billion-plus population means that proportionally, there are a lot of hackers in China. China has an active cyber police, but the country is large. Nonetheless, "you can't say enforcement is non-existent in China," Wan said.
The authorities can show a soft touch, which Wan has felt himself: At one time before launching a new attack campaign, he was visited by the police, who persuaded him and others to hold off.
Contact between the Chinese government and hackers is inevitable in one form or another, just as it would be between companies and the government anywhere, Wan said. But China doesn't really employ hackers. Hacker tend to be of a lower social level and don't fit the type of a civil service worker, let alone become officially hired.
Besides, official government work would be a dull, 9 a.m. to 5 p.m. job. "If there was an opportunity, I would refuse it," he said
That said, China does have it own hacking capabilities within its government agencies, but there is a difference in skills compared to countries such as the U.S. and Russia.
"Especially in some government agencies they are very sophisticated but the overall hacking ability is still less sophisticated that other countries," Wan said. "They need to become more competitive."
Send news tips and comments to firstname.lastname@example.org. Follow me on Twitter: @jeremy_kirk
- New Gateway Anti-Malware Technology Sets the Bar for Web Threat Protection (Sponsored by McAfee)
- McAfee Whitepaper: Building the Business Case for Privacy
- Choice and Control: Considerations for Developing Enterprise Cloud Strategies
- Smart Cloud: Move Beyond monitoring to Holistic Management of Application Performance
- Smart Cloud Provisioning: Low Cost and highly Scalable Entry Point into Cloud Computing
- CITRIX SYNERGY ’13: Look beyond Cloud infrastructure, says Liang
- CITRIX SYNERGY ’13: Qureshi addresses the trend of ‘mojility’
- CITRIX SYNERGY ’13: IT needs to be empowered, says Sallam
- CITRIX SYNERGY ’13: Christiancen highlights the need for collaboration
- CITRIX SYNERGY ’13: Devices will change how people work, says Duursma
Attack on Telenor was part of large cyberespionage operation with Indian origins: report
Box buys iOS app to improve its own
Growing mobile malware threat swirls (mostly) around Android
Barracuda Networks raises free capacity of Copy.com to 15GB
Coke gives peace a chance ( +16 photos)