Jul 14 2008
Bruce Schneier is a well-known security and cryptography researcher. He has a popular blog where he posted his recent article detailing “The Truth About Chinese Hackers”, which was written for Discovery Channel.
This article is not particularly insightful and sort of lumps all of the Chinese hackers into a single group of young, male patriotic kids doing it for the babes and limos.
These hacker groups seem not to be working for the Chinese government. They don’t seem to be coordinated by the Chinese military.
The hackers are in this for two reasons: fame and glory, and an attempt to make a living.
This is very short sighted. We should be honest here, neither Bruce Schneier nor Heike and I know with absolute certainty what Chinese hackers are doing, who is coordinating them and who might be paying them. Maybe the article shouldn’t be titled “The Truth About Chinese Hacker” because Bruce doesn’t know what the truth is (Heike would have said that he couldn’t handle the truth either, but that’s not my style).
I think a lot of people assume that activity attributed to the PRC is simply based on the IP address. After studying spear phishing attacks, custom malware attacks and the types of data that have been exfiltrated from various NGO targets it seems likely that some entity is coordinating the collection and exploitation of this information. In my humble opinion, there may be more to this than WoW passwords.
11 Responses to “Bruce Schneier: The Truth About Chinese Hackers”