A flier for a prominent Chinese hacker’s presentation on the how-tos and wherefores of hacking, drawing on sources as diverse as Shakespeare, the Diamond Sutra, and … Google.
The autobiography of hacker SharpWinner opens on a bunch of young men in a high-rise apartment thick with cigarette smoke, in an unnamed city somewhere in China. Hacking is hard work, and this particular group, one of hundreds spread across the country, has been at it for hours. But the alpha male of the group, a "handsome and bright youth" -- throughout The Turbulent Times of the Red Hackers, SharpWinner refers to himself in the third person -- is unflappable. After he completes a backdoor intrusion into a Japanese website, he takes a break to field text messages from female admirers.
It would be easy to dismiss SharpWinner, who has promoted his book on national television, claiming he has a movie deal in the works, as an attention-hungry stuntman. And in fact, the news that Google and dozens of other companies had been hit by a mammoth attack originating in China this past winter evoked the strong arm of the Chinese government -- not SharpWinner's amorphous world of hacker bandits. The Internet giant said the decision to go public with information on Operation Aurora, as the hack has been dubbed, "goes to the heart of a much bigger global debate about freedom of speech." The Chinese government's spying on the email accounts of human rights activists, Google intimated, was behind its threat to pull out of China. (It has yet to make good on that claim.)
But a report released Tuesday by Atlanta security firm Damballa says the Aurora attack looks like the work of amateurs working with unsophisticated tools. That revelation, along with a separate story in the Financial Times that a freelancer wrote the Aurora code, is focusing attention on China's loose web of cowboy hackers. And SharpWinner -- the leader of a coalition including anywhere from 50,000 to 100,000 civilian members and, before he disappeared from public view in 2007, a regular participant in international cyberconflicts, including the 2001 hacker war stretching from China to the White House -- is just the beginning.
A Chinese Hacker's Manifesto
How star codebreakers like SharpWinner, above, master their trade.
The Aurora attacks represented an attempt by hackers apparently based in China to steal valuable information from leading U.S. companies. (So far the list of victims includes Adobe Systems and Dow Chemical, in addition to Google. Over the weekend, a security researcher told Computerworld that Aurora might have penetrated more than 100 firms.) Investigators are still trying to understand where Aurora came from and what it means, but already some surprising clues have emerged. The Financial Times story followed on the heels of a New York Times story reporting that researchers have traced the attacks back to two Chinese universities, one of which has long been a training ground for freelance or "patriotic" hackers. Among the implications of these reports: The U.S. understanding of Chinese hacking is seriously out of date.
Western media accounts typically overlook freelancers in favor of bluster about the Chinese government. Some pair breathy accounts of cyberwar with images dredged up from 1960s People's Liberation Army propaganda, as if to suggest China has some centrally administered cyberbureau housing an army of professional hackers. Others make improbable or unsubstantiated allegations. Two years ago, a National Journal cover story claimed Chinese hackers were responsible for the 2003 blackout that crippled much of the U.S. Northeast, an event repeated investigations have attributed to domestic negligence.