China’s cybersecurity landscape has undergone a significant transformation in recent years, with experts from the country becoming prominent players in global hacking contests and bug bounty programs. Previously, Chinese hackers were hesitant participants, but now they dominate these competitions, earning substantial prizes and gaining valuable experience that the Chinese government is leveraging to strengthen its cyber-offensive capabilities.
For instance, the Keen Team was the only Chinese group to win a prize at the Pwn2Own exploit contest in 2014, claiming 13% of the total prize money. However, by 2017, seven China-based teams accounted for a whopping 79% of the prize money. This surge in Chinese participation led to the government banning involvement in Western contests, citing national security concerns over the critical vulnerability information being revealed.
The success of China’s cybersecurity pipeline can be attributed to the direct benefits gained from civilian hackers who contribute to the nation’s offensive cyber programs. The government’s strategy of requiring all vulnerabilities to be reported to authorities has created a pool of highly skilled researchers that are among the best globally, according to Eugenio Benincasa, a senior researcher at the Center for Security Studies (CSS) at ETH Zurich.
By positioning itself as the final recipient of vulnerability disclosures, the Chinese government can harness the expertise of civilian researchers at scale and without incurring costs, further bolstering its cyber capabilities. This approach aligns with China’s overarching Military-Civil Fusion (MCF) initiative, which emphasizes collaboration between military and civilian entities to enhance national security.
The rise of China’s cyber-offensive prowess has raised concerns among other nations, particularly in the Asia-Pacific region, as Chinese advanced persistent threat (APT) groups continue to pose significant challenges. Recent incidents, such as the coordinated attacks by three threat teams on a Southeast Asia government agency in “Operation Crimson Palace,” highlight the increasing sophistication and aggressiveness of China’s cyber operations.
From university capture-the-flag competitions to military cyber operations, China’s cybersecurity pipeline exemplifies the country’s focus on practical training and vulnerability disclosure. This strategy has proven highly effective, with technical graduates actively searching for vulnerabilities in Western products, ultimately enhancing China’s offensive capabilities.
The Chinese cyber-offensive ecosystem consists of two main groups: vulnerability researchers and offensive security specialists who compete in hacking contests and bug bounty programs, and contracted or professional hackers who weaponize vulnerabilities for targeted attacks. These groups work in tandem to identify and exploit vulnerabilities, contributing to China’s growing expertise in cyber operations.
While China’s success in cybersecurity competitions has been impressive, there are downsides to consider for defense strategies. The reduced participation of Chinese teams in Western hacking contests indicates a shift towards keeping valuable exploits private, rather than demonstrating them publicly. This trend poses challenges for defensive measures, as the lack of public disclosure limits the effectiveness of these competitions in identifying and addressing vulnerabilities.
Moving forward, China is expected to continue focusing on both international and domestic hacking competitions, aiming to maintain expertise in targeting Western products for offensive purposes while strengthening defenses on domestic platforms. This dual approach reflects China’s strategic intent to balance offensive and defensive capabilities in the evolving cybersecurity landscape.
Overall, China’s cybersecurity superstars have emerged as formidable competitors on the global stage, showcasing the country’s commitment to leveraging its cyber talent for both offensive and defensive operations. As the cybersecurity landscape continues to evolve, China remains a central player in shaping the future of cyber warfare.