China’s Red Hackers: The Tale of One Patriotic Cyberwarrior

In this week’s magazine, TIME profiles Wan Tao, once one of China’s most feared hongke, or red hackers, cyberwarriors motivated by patriotism to attack foreign digital victims.

  • Share
  • Read Later
Carlos Barria / REUTERS

A Chinese People's Liberation Army soldier stands guard in front of Unit 61398, a secretive Chinese military unit, in the outskirts of Shanghai, Feb. 19, 2013.

In the latest report by a Western cybersecurity company to finger Chinese state hackers, Mandiant earlier this week accused the People’s Liberation Army Unit 61398 of having orchestrated years of cyberattacks on more than 100 U.S. firms from a base in Shanghai. Hacking by the Chinese, whether by state technicians or patriotic individuals who are not directly employed by the government, has turned into a serious global risk. Although the Chinese government has repeatedly denied a state-sponsored hacking campaign, the list of cybertargets—from Western competitors of Chinese companies to human-rights groups that are critical of Beijing’s record—leaves little room for doubt that these raids originate from China. “These attacks only benefit the Chinese, not anyone else,” says Dr. Murray Jennex, a cybersecurity expert at San Diego State University. “They have so many more people who are able to hack than any other country.”

In a story in this week’s magazine, TIME profiles Wan Tao, once one of China’s most feared hongke, or red hackers, cyberwarriors motivated by patriotism to attack foreign digital victims:

While Chinese hackers boast about their exploits online, it’s rare to hear one articulate why he chose to hack for nationalist reasons. The story of Wan Tao, now 41, and his China Eagle Union—which at its height boasted hundreds of members who attacked foreign computer systems with the government’s tacit approval—gives an inside glimpse into the underground world of Chinese hackers: their motivation, exploitation and, in some cases, redemption.

(MORE: Are Chinese Telecoms Firms Really Spying on Americans?)

Wan emphasizes that he never hacked officially for the government and didn’t steal information. He says he began his online forays because he was lured by a kind of independent, rebellious ethos shared by hackers worldwide. But there’s no question China Eagle Union’s hacking, which starting in 2000 infiltrated everything from U.S. government sites to Japanese politicians’ email accounts, fit the Chinese government’s agenda. Wan released a manifesto called “Building Hacker Culture with Chinese Characteristics.” His hacking collective’s theme song only enhanced his rock-star status among a growing corps of hongke. A sample lyric: “It doesn’t matter how hard the enemy’s shield is, we want him to know our sharpness. We are the China Eagles.”

Then in 2005, when anti-Japanese riots convulsed Chinese cities, the Chinese government began tamping down on the very xenophobic sentiment it had cultivated through nationalist education and propaganda. Once free to excoriate foreigners online, Wan was ordered by the authorities to delete inflammatory content from his website. He spent 20 hours erasing comments before collapsing from exhaustion and checking into a hospital. Wan’s own posts on domestic issues, such as the plight of Chinese farmers left behind by the country’s economic boom, were also censored. “I thought I had freedom online,” says Wan. “But I was wrong.”

At the same time, Internet crime began skyrocketing in China.  From July 2011 to July 2012, nearly 260 million Chinese were victimized online, according to official statistics. Red hackers were morphing into what Chinese call black hackers, computer geeks who were lured into illegality by money.

China has begun cracking down on computer malfeasance within its borders, ranging from online banking fraud to corporate data robbery. Chinese cyberpolice have shut down child pornography websites in stings run with Americans, and new Chinese laws criminalize certain types of hacking. The head of a Chinese hacking school that used to openly advertise on the web—and at bus stations—was jailed.

(MORE: Chinese Hackers Targeting U.S. Satellites?)

Yet to this day, hongke have not been punished for their overseas assaults. It’s a double standard that raises troubling questions about China’s commitment to online lawfulness—even apart from the fact that the state is suspected of employing an army of hackers. “Even if hongke are doing it under the banner of safeguarding national security, hacking is not right,” says Wang Sixin, a law professor at the Communications University of China.

Meanwhile, Chinese hackers are being blamed for an ever-increasing number of raids on foreign soil. “I don’t believe there are thousands of Chinese hackers sitting in a room hacking for the government,” says Wan. He clumsily dodges a question about the recent hacking of American media, which was blamed on Chinese techies. “You can’t prove it came from China,” he says, explaining that just because an IP address is traced to China doesn’t mean the hacking originated there. But to go back to cybersecurity expert Jennex’s point, who else but China has an interest in such online attacks?

During a separate conversation, Wan admits that there are, indeed, Chinese who end up working for the state. Some, he says, are black hackers who have been caught by police and are pressured into government employment. He also gives the profile of the kind of kid who might end up hacking for China: “small-town boys who have little education and learned computers while their grandparents were supposed to be looking after them.” He dismisses them as “robots” and refuses to even call them hackers.

Today, Wan says he no longer hacks. He now runs a cybersecurity company with top Chinese firms and NGOs as his clients. Many of his employees came from China Eagle Union. (Other former union members are successful businessmen or in jail.)

Is Wan ever tempted to joust again with cyberwarriors across the globe? He shakes his head. Yet, he adds: “I’m still a hacker in spirit. I always will be.”

Full Story: China’s Hacker King

26 comments
outspoken
outspoken

US  is doing this  even beofre China  started this.

IreneOgrizek
IreneOgrizek

I'm not sure how worried we should all be about these hacking situations. The severity of them is difficult to judge.  I do think we should be monitor our tendencies to be afraid of others. Not sure whether it's paranoid or not. I've written about internet transparency on a more local scale: http://ireneogrizek.ca/2013/02/20/7047/

rorywong654
rorywong654

Last chance to save the world ,don't buy or have anything to do with US unless it's necessary.

ChasL
ChasL

Hannah, is it correct I've seen you writing for China Digital Times, a well-known anti-China propaganda outlet funded by the US government via National Endowment for Democracy grants?

I urge you to fact check the Mandiant report, it's full of holes. For one the hacker DOTA was outed by Anonymous back in 2011 (Google "d0ta010 2j3c1k").

Mandiant makes other mistakes, like the word "Mei", plum flower, is the national symbol for ROC(Taiwan) not PRC. China experts like you should bee able to pick up stuff like this, but if you rather retain NED grants for CDT, I'll understand.

MichellePastor
MichellePastor

This has been going on for over a decade. These perfectly syncronized news reports come out, all in perfect timing, smelling like the usual White House fed talking points simply makes me suspicious. I miss the days when I read the news and didn't feel like I was being conned.

SopheapAng
SopheapAng

Hannah, it would be great news to me if you start writing about how your hairy and smelly kitten was hacked and your chery stolen by the Chinese.  Have you ever asked yourself why your hairy kitten was so easily hacked?  Have you ever thought of wearing a chasitty belt and give the key to your uncle?  If you haven't, maybe now is the time you start wearing one and stop accusing the Chinese for hacking your hairy kitten.

SopheapAng
SopheapAng

Eventhough you might be wearing a transparent Victoria's Secret thong, but from the picture that you posted, I don't think I would want to see it.

Luscus
Luscus

@SopheapAng jajajaja YOUR HAIRY KITTEN?  jajajajaja   Thank you I enjoyed that.

However nice it feel to be a patriot, you dilute yourself if you think your country (or any other country) is not actively trying to hack it's way into another countries secrets, be those technological or political. It is called spying and it is as old as selling your Hairy Kitten (Sorry I had to sue it)

ChasL
ChasL

So I guess you have proof that I'm paid? What, no? You see, this is the beauty of McCarthyism. All I have to do is stand up and challenge you.

NED's grants to CDT is public information that can be easily verified on Google.

Here're some more problem with Mandiant's report: 1) Mandiant claims Hebei is part of Shanghai, but we all know it's 500 miles and 3 provinces away. 2) The address Mandiant claims is Unit 61398 Central building is actually address of the shadowy Unit 61398 Kindergarden. Google "site:starbaby.cn 61398" and see the preschool's review, and enrollment info.

TheTertiumQuid
TheTertiumQuid

@Luscus @SopheapAng Luscus: SopheapAng is not nor will ever be your friend or worthy of any type of response.  He is a creature who will forever seethe in the gutter of want.

SopheapAng
SopheapAng

@LuscusYour azz must have been hacked by the Chinese too I suppose.  One thing I want to know is:  did you bend over voluntarily or did they have to force you?  Did their hacking of your azz make an easy entry?  If it did, was it because your azz was too loose because of your uncle's constant fisting?  I just want to know the reason why your azz can be hacked so easily.

ChasL
ChasL

I live in Seattle, name the place we can settle this in person.

oamuwtikcus
oamuwtikcus

@ChasL You'll never be more than a wumao, go back to CCP land you have no loyalty towards democracy and freedom 50 cent lap dog

ChasL
ChasL

I see you have nothing to say about the facts cited, only personal attack. Going after me will not make Madiant's mistakes go away.

BTW, I drive a German sports car, and super unleaded in Seattle is over $4 a gallon. I'm gonna need at least 50 dollars per post to make it worth my while.

oamuwtikcus
oamuwtikcus

@creatorbay @oamuwtikcus @ChasLLadies and Gentlemen. Please be informed that China's Wu Mao Party, also known as the 50 Cent Party, is now actively engaged in spreading pro-China propaganda on Time Magazine. These individuals are paid web commenters who surf the web under the guise of regular people and seek to sway public opinion by presenting unrelenting pro-China views to counter and overcome any negative ones. They also routinely blast any critics or opponents of the Communist Party of China.


At home the 50 Cent Party activities amounts to something a little short of "thought policing." Real Chinese have grown accustomed to the constant barrage of propaganda 'white noise.' Overseas however, effects of 50 Cent 'astro-turfing' can be worse. Unaware Americans are being subjected to Chinese psychological warfare. It is something short of an act of war, but they are direct acts of sabotage as they ruin the overall quality and purpose of web browsing. In order to counter the 50 Cent Army, responsible netizens should create as much anti-Communist Party of China buzz as possible whenever they come across posts by suspected 50 Cent'ers. Be aware they often adopt western sounding names but sport oddly mangled syntax and strangely euphoric yet similarly pre-scripted lines like how they love the "Chinese people" or "lived in China for a while." At best whoever pays the 50 Cent'ers will see their program is not working which could lead to it's demise. At worst you can get a 50 Cent grunt to flip out and lash out at us "western idiots" and "seh gwai lo's." They don't get paid their standard per post fee for overly negative ones that may end up alienating their targets.

Furthermore Wu Mao 50 Cent Army posts in certain cases express messages of hatred, like "hate the Dali Lama" or hate "civil rights activist terrorists." 50 Cent Army posters have a difficult time presenting the soft sell in these politically sensitive instances. They are easy to recognize as a result and can be easily baited to reveal themselves.

The point is to make it as difficult as possible to do their jobs. We can't ignore them like the Chinese people do or like them we will find these people will NOT go away. Granted the Chinese people have no other choice, but we must exercise our still existing power to do something before we find ourselves in the same boat.

Public information on the 50 Cent Party/Army can be readily found on wikipedia and around the "free" net. Truth, justice and peace.

oamuwtikcus
oamuwtikcus

@creatorbay @oamuwtikcus @ChasL typical wumao response, probably on you other account (standard wumao practice) keep hauling water for corrupt dictators, men of low moral worth are a dime, or should a say, a wumao a dozen in CCP land. 

creatorbay
creatorbay

@oamuwtikcus @ChasL  So, just because the 50 Cent Party would post criticism of someone like the writer of this article, necessarily means that anyone who makes such critiques must belong to the 50 Cent Party? Either you failed fifth-grade math class, for being incapable of grasping the basic concept that "If A, then B" is not equivalent to "If B, then A", or you just don't care about the idiotic, xenophobic tripe leaking out of your pie hole, simply because you are the same type of troll, by your own description, on a mission to spread your own rabid propaganda, attempting to sway public opinion and stifle dissent, ironically as you had accused ChasL of doing, while being paid by your puppet masters to do so, just as you had accused the other guy of doing as well.  Well, you're doing a poor job at it, with a pathetic logic fail right out of the gate, to which I'm sure a nitwit like yourself is also clueless.

oamuwtikcus
oamuwtikcus

@ChasL try harder wumao

50 Cent Party

From Wikipedia, the free encyclopedia

This article contains Chinese text. Without proper rendering support, you may see question marks, boxes, or other symbols instead of Chinese characters.

50 Cent Party

Traditional Chinese五毛黨

Simplified Chinese五毛党

[show]Transcriptions

The 50 Cent Party are Internet commentators (网络评论员, 網絡評論員, wǎngluò pínglùn yuán) hired by the government of the People's Republic of China (both local and central) or the Communist Party to post comments favorable towards party policies in an attempt to shape and sway public opinion on various Internet message boards.[1][2] The commentators are said to be paid fifty cent of RMB for every post that either steers a discussion away from anti-party or sensitive content on domestic websites, bulletin board systems, and chatrooms,[3] or that advances the Communist party line.

oamuwtikcus
oamuwtikcus

@SopheapAng oh did lil'wumao boy go make another account, thats sweet :D one wumao with three accounts on one article, so obvious!

oamuwtikcus
oamuwtikcus

@SopheapAng sorry I could understand you with the little ccp cadres wang in your mouth, please come back after you are finished being on your knees

SopheapAng
SopheapAng

Another kwok zucking kwok zucker.

SopheapAng
SopheapAng

@TheTertiumQuidYou must have zucked your uncle's limply kwok one time too many and swallowed one mouthful too much.  Do you realize you have kum ozzing out from your kwok zucking mouth from being full already?