Wan now runs an IT company that helps other organizations defend against cyberattacks
Wan Tao stabs the keyboard with his middle fingers. It's the only way he types — a defiant gesture expected of an online warrior who once led China's patriotic hacker brigade. For years, Wan, who was known by the online moniker Eagle, terrorized cyberspace, taunting anyone he believed wanted to humiliate his homeland. One of China's most famous hongke, or red hackers, he infiltrated everything from the inboxes of Taiwan politicians to a White House website, where he briefly planted the Chinese flag. "I was the ultimate angry young man," says the founder of China Eagle Union, a collective of Chinese hackers whose hit-and-run forays into foreign computer networks gained them the attention of Western intelligence agencies. "In cyberspace, I felt like I had complete freedom to express myself."
At a time of peace between the world's major powers, the rise of China's hackers points to a troubling new front in global conflict. The list of targets believed to have been infiltrated by Chinese hackers includes: the U.S. Chamber of Commerce, Google, American military contractors and power plants, Western foreign correspondents working in China, Amnesty International, the Tibetan government-in-exile, American drug manufacturers, the European Union, the New York City — based Council on Foreign Relations, even the Pentagon. Hacking out of China ranges from incursions by the state to malfeasance by patriotic individuals like Wan, and various shades in between. Last year General Keith Alexander, head of the U.S. Cyber Command, said China had stolen "a great deal" of American military technology through hacking. FBI Director Robert Mueller predicts that cybercrime by Chinese and other actors will soon replace terrorism as America's biggest threat.
Hacking a government or a company is hardly the exclusive domain of Chinese techies. Russia and Iran have been fingered by the U.S. government for their efforts to compromise top-secret American computer systems. It would be naive to expect the U.S. Cyber Command not to be interested in breaching China's online defenses. In 2011, China's People's Liberation Army (PLA) formed a so-called Blue Army of officers to combat what Beijing says are mounting attacks on its own computer networks. Nor are states the only actors in this shadowy war. Earlier this year, Anonymous, the antiestablishment global hacker group, broke into the computer systems of the U.S. Federal Reserve and the U.S. Department of Energy. Perpetrators of industrial espionage know no geographical boundaries.
Still, with an authoritarian regime overseeing a vast computer-savvy populace, China presents a unique menace in cyberspace. Chinese online espionage targets both foreign state secrets and technological innovations as well as organizations that are perceived to embarrass China, like NGOs critical of Beijing's human-rights record. It's impossible to estimate how many Chinese computer geeks work directly for the state. Beijing has repeatedly rejected accusations of official involvement in hacking. But China's denials run counter to the estimations of Western security experts and intelligence agencies, who have become more vocal in fingering Chinese hackers for sustained and sophisticated attacks on foreign IT systems. "[China has] so many more people who are able to hack than any other country," says Murray Jennex, a cybersecurity expert at San Diego State University. "This could get real serious, real fast."
When uncovering a months-long assault on global energy companies traced to Chinese computers, IT security firm McAfee noted that the hackers, who accessed massive amounts of confidential information, worked only on weekdays, logging in at 9 a.m. Beijing time and finishing at 5 p.m. McAfee added that "the attackers employed hacking tools of Chinese origin and that are prevalent on Chinese underground hacking forums." The U.S. security firm also blames Chinese hackers for well-coordinated attacks on Google, Yahoo and many other tech firms. A December intelligence report by another cybersecurity company, Mandiant, found that more than 30 employees of Western media organizations were being targeted by PLA-linked computers based in Shanghai, according to one of the hacking victims, the New York Times. Mandiant accuses China of using these same computers for earlier online strikes on more than 100 American firms.
It's not just China's official cyberarmy that has been dispatched to the front lines. Primed by heavy doses of nationalist education that emphasize how China was ravaged by Japanese and Western powers, a corps of angry young Chinese men — yes, most are men — have flocked online to flex their muscles and express their patriotism. Their actions could be dismissed as harmless pranks — defacing a Western government's website rather than, say, stealing nuclear data or industrial secrets. But hongke machismo feeds a more malicious form of state-sponsored hacking, and it is telling that China's patriotic hackers have not been punished at home for their overseas attacks. While Chinese hackers boast about their exploits online, it's rare to hear one articulate why he chose to hack for nationalist reasons. The story of Wan Tao, now 41, and his China Eagle Union — which at its height boasted hundreds of members who raided foreign computer systems with the government's tacit approval — gives an inside glimpse into the underground world of Chinese hackers: their motivation, exploitation and, in some cases, redemption.
Born in 1971, Wan was a dutiful only child, his mother a teacher and his father a cadre in the powerful Ministry of Railways. But in 1989, when he was in high school, the democracy movement began flowering in Beijing. Even in his small town in eastern China's Jiangxi province, the spirit of reform galvanized Wan. He ran away from home and made contact with local democracy activists. Then the tanks rolled into Tiananmen Square.