In fact, the hacking scene in China probably looks more like a few intelligence officers overseeing a jumble of talented -- and sometimes unruly -- patriotic hackers. Since the 1990s, China has had an intelligence program targeting foreign technology, says James A. Lewis, senior fellow for cybersecurity and Internet policy at the Center for Strategic and International Studies. Beyond that, however, things get complicated. "The hacking scene can be chaotic," he says. "There are many actors, some directed by the government and others tolerated by it. These actors can include civilian agencies, companies, and individuals."
To anyone who speaks Chinese, that chaos is obvious. Google the characters for heike -- a transliteration of "hacker" that means, literally, "black guest" -- and you'll come up with pages and pages of results. Sites such as www.chinahacker.com, www.cnhacker.com, and www.hackbase.com contain step-by-step instructions, advertisements for how-to seminars -- become a hacker in a few short weeks! -- and screen shots of foreign casualties. And yet they are clearly not the work of the central government. Read on (or don't -- the sites are packed with malware and users visit at their own peril) and you'll find threads roiling with bitter infighting, foul-mouthed forum posts, and photos of scantily clad women.
"There are literally hundreds of these sites," says Scott J. Henderson, an intelligence contractor and former U.S. Army linguist who has written a book on Chinese hackers. "They all have different agendas and different personnel. It's not as well-coordinated as everyone sitting down in a room and someone saying, 'You, go write this code.' 'You, go write that.'"
Instead, China's hackers spring up organically. Mix together widespread youth nationalism with a highly wired population -- China now boasts the most Internet users in the world, with 384 million people online -- and out comes patriotic hacking. The self-described "red hackers" are the product of the "the fact that we live in a time when our country is moving toward prosperity," SharpWinner once said, quite accurately. Prosperity also ensures a market for abundant hacker memorabilia: hacker magazines, hacker T-shirts, and tell-all books like his. While traveling through rural China once, I stumbled across bins in a village store filled with Hacker brand candy. (It tastes like saltwater taffy.)
Every August, top hackers convene in Beijing for a conference ostensibly about information security but described by one participant as including seminars on common attack techniques. China's hackerati range from flamboyant prima donnas like SharpWinner to Sunwear, a slight, pixie-ish twentysomething who marks his website defacements with the innocuous tag line "just for fun!", to Xiao Tian, the unattainable femme fatale leader of China Girl Security Team. Many of their causes neatly overlap with the interests of the Chinese government. Take one of the events that drove the development of hacker culture in China: the 1999 NATO bombing of the Chinese Embassy in Belgrade. In retaliation, hackers plastered the website of the U.S. Embassy in Beijing with the phrase "Down with the Barbarians!" Or the targeting of email accounts of the Save Darfur Coalition, which opposes Chinese involvement in Sudan, in 2008. Or GhostNet, the cyberspying operation originating in China that was revealed last year to have infected 1,295 computers in 103 countries -- including the Dalai Lama's network in Dharamsala, India. The University of Toronto researchers who uncovered the attack have not yet pinpointed its architects, but in a report on the attack, they noted the operation could easily be the work of patriotic hackers using "do-it-yourself signals intelligence."