How did Xi Jinping level up Chinese hackers?
In recent years, we often hear news such as 'Chinese hacking teams attacked foreign companies and government agencies.' Behind this, there was a national hacker training plan led by President
How Xi Jinping leveled-up China's hacking teams - CyberScoop
https://www.cyberscoop.com/china-hacking-talent-xi-jinping-education-policies/
President Xi has promoted cyber security policies since 2014, the year after he became president, and has begun to invest in bureaucracy, universities, human resource development, research, etc. Mr. Cary explains the policy actually taken by President Xi as follows.
◆ Development of hacker human resources
In China in the 2000s, policy makers called hackers a ``talented few'' and finding the necessary talent was ``like finding flowers in a field of wheat''. Although we found outstanding human resources at cyber security contests held from time to time and recruited them to government agencies, this was an inefficient method and we could not continuously supply human resources.
Therefore, President Xi established the Central Cyberspace Affairs Commission to lead cybersecurity issues, and called on universities to evaluate and standardize cybersecurity education. By 2015, the Ministry of Education has deployed cybersecurity education standards throughout China, and universities have adjusted their curricula.
◆ Top-down from administration
In 2016, the
Immediately after the national cyberspace security strategy was released, Wuhan City in Hubei Province referred to the Research Triangle Park, a high-tech park in North Carolina, USA, to establish a 'National Cybersecurity Talent and Innovation Base'. announced the construction of This was to train and research cybersecurity human resources in collaboration with universities on a vast site, and to attract companies by giving preferential tax treatment. In addition, Guiyang City in Guizhou Province is implementing policies that focus on the big data industry, and these policies are also supported by the central government.
In addition, the Chinese government accredited several universities as World-Class Cybersecurity Schools (WCCS) in 2017 to set standards that should be modeled, and at the same time, to improve the abilities of students through competition. We held a large number of hacking contests. At the time of writing the article, hundreds of hacking contests are held annually, and sometimes thousands of teams participate.
China's Ministry of Public Security regards software vulnerabilities as a kind of 'resource' and requires domestic security researchers to report to the Ministry of Industry and Information Technology within 48 hours of discovery. . According to a (PDF file) report released by Microsoft in 2022, this policy has led the Chinese government to collect more zero-day vulnerabilities and deploy cyber attacks.
◆ Chinese hackers today
A
Mr. Cary pointed out that Chinese hacker groups will not rely on outstanding individual skills as in the past, but will consist of ``nameless civil servants'' controlled by the bureaucracy. Also, while cyberattacks are constrained by external factors such as the widespread use of Windows, China's ambitions of a self-contained computing ecosystem could enable even more efficient cyberattacks. I have.
Of course, this ambition will take time to materialize. However, Cary said, ``It's been less than a decade since President Xi took power and made cyber capabilities one of China's priorities,'' and the day the threat becomes a reality may not be as far away as you think. I suggested that it could not.
Related Posts:
in Note, Posted by log1h_ik