China is building a cyber army of hackers: Report
www.firstpost.com
Hackathons are common, but Chinese hacking competitions are different. China has been dominating popular international cybersecurity competitions like Pwn2Own. However, more recently, the country has developed its own hacking contests, essentially withdrawing from international events

Archived version

Hackathons are common, but Chinese hacking competitions are different.

In 2017, Zhou Hongyi, the founder of Chinese cybersecurity giant Qihoo 360, publicly criticised the practice of sharing vulnerability discoveries internationally, arguing that such strategic assets should stay within China. His sentiments, supported by the Chinese government, gave birth to the national hacking competition called the Tianfu Cup. The contest is focused on discovering vulnerabilities in global tech products like Apple iOS, Google’s Android, and Microsoft systems.

How is Tianfu Cup different?

A 2018 rule mandates participants of the Tianfu Cup to hand over their findings to the government, instead of the tech companies.

Dakota Cary, a China-focused consultant at the US cybersecurity company SentinelOne, said, “In practice, this meant vulnerabilities were passed to the state for use in operations.”

This approach effectively turned hacking competitions into a government pipeline for acquiring zero-day vulnerabilities — software flaws unknown to vendors and extremely valuable for cyber-espionage.

In recent years, China’s hacking competitions have increasingly shifted focus toward breaching domestic products, including Chinese-made electric vehicles, phones, and security software.

  • randomname@scribe.disroot.orgOPEnglish
    3·
    3 hours ago

    As a response to several of the posts in this thread: It is really amazing how many people here on Lemmy are downplaying or even denying China’s crimes (even many admins and mods). You can post articles critical of the US, EU, Australian or any other government, but if you post a China-critical text you are whatabouted to death. The tonality of many of these comments alone is very telling.

    • jarfil@beehaw.org
      1·
      3 hours ago

      Why is this article “critical with China”? From the sound of it, the Tianfu Cup is clear about its goals, that’s a surprisingly high level of transparency. All hackathons are geared towards finding and hiring hackers, both by companies and by governments. This way, people can decide whether they want to be recruited by the CCP or not.

  • t3rmit3@beehaw.org
    5·
    12 hours ago

    Chinese hacking competitions (plural) are different

    A 2018 rule mandates participants of the Tianfu Cup (singular) to hand over their findings to the government

    This approach effectively turned hacking competitions (plural)

    So the article uses one competition doing this to assert this as “Chinese hacking competitions”. There are tens if not hundreds of hackathons in China.

    Please stop posting these heavily biased or misleading articles about China from questionable sites.

    We get it, you don’t like China. We got that after the first 50 posts about China being bad. Most of us don’t like the CCP either.

    But at least post reputable sources that don’t push agendas quite so blatantly.

    For anyone interested, this site (firstpost.com) is an english-language Indian news site owned by Network18, a news conglomerate with a right-leaning, pro-Modi bias.

  • demesisx@infosec.pubEnglish
    8·
    20 hours ago

    This story deserves a “no doy!”

    All major world powers are bolstering their cybersecurity. If they weren’t, they wouldn’t survive in such an opportunistic world.

    • randomname@scribe.disroot.orgOPEnglish
      12·
      19 hours ago

      This is not about ‘bolstering cybersecurity’ but rather about attacking other countries. There is nothing even remotely similar to a ‘Tianfu Cup’ in any other country.

      As I asked already in another thread: Why is it that whenever one posts something critical of China here on Lemmy, there is some commentary arguing that the US is doing the same? I don’t understand that.

      That’s whataboutery back and forth.

      • Avid Amoeba@lemmy.ca
        7·
        18 hours ago

        This post is critical of China? I thought it shows their competency and forethought. I wish my government was competent enough to realize the importance of cyber warfare and organize such contests.

      • demesisx@infosec.pubEnglish
        7·
        19 hours ago

        Embedding Trojans in your enemy’s infrastructure and leaving them to be switched on in times of war is ABSOLUTELY defense. You may not like it. But that’s called cyber warfare.

        Quick question: Do you fundamentally disagree with what China is accused of but fully support Israel and the US’s extrajudicial backdoors, Trojan horses, domestic spying, pager bomb assasinations, AI targeted air strikes, and other clandestine war crimes just because they are perpetrated by “the good guys”?

        • xrun_detected@programming.devEnglish
          3·
          15 hours ago

          nice try derailing the conversation with a “quick question”, let’s ignore it.

          you are correct, it is cyber warfare, and china sees the US as their enemy. however it is not “ABSOLUTELY” defense.

          i guess the conventional warfare equivalent would be to place explosives on the territory of your enemy to set it off in case of war. which smells way more like preparing active warfare than some kind of defense.

          it brings it’s own set of problems as well. let’s say they get triggered by accident, either by incompetency or a third conflict party.

          it will be very hard to explain why they were there in the first place, and “yes we deployed the <insert ‘defensive’ measure> on your soil, but it wasn’t us who triggered it.” might just not cut it.

        • randomname@scribe.disroot.orgOPEnglish
          4·
          18 hours ago

          @[email protected]

          Quick question also to you: Do you fundamentally disagree with what Israel and the US are accused of but fully support China’s domestic surveillance, transnational repression, supression of free speech and freedom of the press, bullying of its neighbours, aggression against Taiwan, just because they are perpetrated by “the good guys”?

          • demesisx@infosec.pubEnglish
            6·
            16 hours ago

            You conveniently dodged my question, then asked me stupid questions, thinking I’d have to agree with cherry-picked offenses by China. I am not a fan of China. I just think they are justified in defending themselves. Furthermore, I think it’s hilarious that the the US decided to offshore our high tech goods to have them manufactured there as if we weren’t ASKING to be hacked. The only solution going forward is CLEARLY domestic RISC-V manufacturing and not allowing our enemies to manufacture our critical technologies.

            Do I support China’s:

            • domestic surveillance: of course not
            • transnational repression: of course not
            • supression (sp!) of free speech and freedom of the press: of course not
            • bullying of its neighbours: of course not
            • aggression against Taiwan: of course not

            Do I support China engaging in pre-emptive cyber warfare against aggressors: absolutely

            Do I support the US engaging in pre-emptive cyber warfare against aggressors: absolutely

            Do I support Israel engaging in pre-emptive cyber warfare against aggressors: absolutely

            Do I support war crimes being committed by ANY of these countries: NO

    • Tablaste@linux.communityEnglish
      4·
      16 hours ago

      It reminds me of the PowerPoint my company had.

      It was this graph showing how many tech people they have since 1960, and the numbers kept multiplying.

      How they rated tech people was someone who works behind the computer. So yeah, as we gain more employees, we tend to put them behind computers to do work?