Cable reveals US concerns over Chinese cyber-warfare

Cable reveals US concerns over Chinese cyber-warfare

Summary: Diplomats in China are concerned that official access to Microsoft source code could be used in cyber-warfare by the country, according to a Wikileaks document

TOPICS: Government, Security

The US government is concerned about the links between Chinese hacker groups and the Chinese government body that controls local access to Microsoft source code, according to documents released by Wikileaks.

Chinese information security companies such as Topsec, the largest Chinese infosec vendor, have recruited known hackers, according to a US diplomatic cable released by the whistleblower group on Saturday. From June 2002 to March 2003, Topsec employed Lin Yong as a senior security service engineer to manage training, the cable added. Lin, who was known as 'Lion', set up the Honker Union of China hacking group.

Read this

ITU head: Cyberwar could be 'worse than tsunami'

Hamadoun Toure, the UN agency's secretary-general, has called for a global 'cyber peace treaty' in the context of the 'new world order' of cyberspace

Read more+

As a result of these links, the US government is concerned about the Chinese state and private sector acting together to develop cyberattack capabilities.

"As evidenced with Topsec, there is a strong possibility the PRC [People's Republic of China] is harvesting the talents of its private sector in order to bolster offensive and defensive computer network operations capabilities," according to the cable.

Topsec received some of its startup capital from the Chinese state and is affiliated with the China Information Technology Security Center (CNITSEC), said the cable. The CNITSEC has responsibility for certifying IT for Chinese government use. In 2003, the CNITSEC signed a Government Security Program (GSP) agreement with Microsoft that gave a number of companies, including Topsec, access to Microsoft source code to develop secure Windows implementations.

Topsec had not responded to a request for comment at the time of writing.

In addition, the US government was also concerned that XFocus — a hacker group that the US believes was involved in developing Blaster worm exploits — had links with VenusTech, a Chinese company that also had access to Microsoft source code.

"While links between top Chinese companies and the PRC are not uncommon, it illustrates the PRC's use of its 'private sector' in support of governmental information warfare objectives, especially in its ability to gather, process and exploit information," the cable read.

Wikileaks documents released last week highlight other negotiations that US companies enter into to trade outside the US. A diplomatic cable released on Wednesday showed that Intel threatened to lay off over 200 engineers from its Russian research and development facility if it were not allowed to import cryptographic goods.

Topics: Government, Security

Tom Espiner

About Tom Espiner

Tom is a technology reporter for He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • I've posted the IP addresses of Chinese attack servers on my blog, as well as documentation of my unsuccessful attempts to involve the FBI in attacks on my little Linux box. How about we change US law and allow us to protect ourselves? I call this TheMorganDoctrine.
  • I've said it before and I'll say it again: THE MASS IS THE MEDIA!
  • I have suggested that one of the top priorities of any hacking operation is to insert yourself into the supply chain of major vendors. Better yet, get the source code for the operating system of a major vendor. Kudos to China for getting Microsoft source code. If we're dumb enough to give it to them, then we deserve the consequences.