China Raises Private Hackers To Probe Foreign Governments

( – China has created an army of private hackers to identify security vulnerabilities in software used by its government and the governments of other countries around the world.

A cybersecurity law from July 2021 changed the game such that Chinese companies that identified programming flaws that could be exploited were required to report the vulnerability to the Chinese Communist Party (CCP) within 48 hours of its discovery, and prior to making any updates that would fix the problem.

The CCP rewards organizations that discover flaws and add to its database of potentially exploitable software vulnerabilities. Some have suggested the program is a new form of cyber-warfare.

China is simultaneously promoting training for cyber security experts, as demand for their skills and abilities continues to grow over time.

The new law makes it a requirement that discoveries of exploits have to be reported to the CCP before publicly announcing the discovery or attempting to fix it if the company discovered a problem with its own software. Given the frequency of ransomware attacks, and other malicious cyber threats, the rule seems short sighted.

Cybersecurity analyst Dakota Cary is a fellow with the Atlantic Council who specializes in China. He explained to podcasters with “The Record” that the change has fostered competition within China between different organizations working to discover the programming flaws.

In America, major companies like Google and Microsoft hire consultants with backgrounds in hacking, so-called “white hat” hackers, to locate and explain any exploitable bugs in their software to prevent bad actors from doing the same thing, and then weaponizing the problem. Chinese engineers were actively participating in the process on the global stage until the rule change.

Researchers with FreeBuf, a cybersecurity forum, suggested that China has over 170,000 white hat hackers in 2021. It’d be relatively easy for those white-hat hackers to be activated to attack targets for the CCP overseas or elsewhere.

Copyright 2024,