Talk on China Cyber Army Pulled After Pressure

A talk on China’s military cyber-attack capabilities has been pulled from the Black Hat security conference schedule following pressure from Taiwanese and Chinese agencies.

The talk, entitled “The Chinese Cyber Army: An Archaeological Study from 2001 to 2010,” was billed as an analysis of China’s government-backed hacking initiatives, based on intelligence gathered from a variety of Asian intelligence groups. The talk was to be given by Wayne Huang, chief technology officer with Taiwanese security vendor Armorize, and Jack Yu, a researcher with the company.

On Wednesday Armorize CEO Caleb Sima announced via Twitter that the talk had been pulled, saying that the “Taiwanese [government] is prohibiting it due to sensitive materials.”

However, Huang said that he decided to pull the talk after vetting it with several organizations that had contributed intelligence and getting pressure from several places, both in Taiwan and in China. In a telephone interview, he wouldn’t say who complained or why, but he said that by pulling the talk Armorize will be able to maintain its good relations with the Asian security community.

“We ran the materials by some key people and they were not happy with it,” he said.

A good deal of the data was collected before Armorize was incorporated in 2006, presumably from government agencies.

“The talk is very sensitive,” Huang said, “We don’t want to argue over who owns which intelligence information, because the community has been quite open to sharing and also, we need each other’s help.”

The talk would have given conference attendees a unique profile of China’s secretive government-sponsored hacking efforts.

“Using facts, we will reconstruct the face of Cyber Army, including who they are, where they are, who they target, what they want, what they do, their funding, objectives, organization, processes, active hours, tools, and techniques,” the presenters wrote in a description of their talk, posted to the Black Hat Web site.

Talks have been pulled from Black Hat before, but typically this happens because of pressure — or in some cases, litigation — from vendors trying to prevent hackers from publicly disclosing security flaws in their products.

Huang was allowed to go forward with an earlier version of the talk at a 2007 conference in Taipei. Three years ago, the data was presented to a mostly Taiwanese audience at a small, obscure conference. Presenting at Black Hat, the world’s preeminent security research conference, would have put it before a much larger audience.

After hearing Huang’s 2007 talk, White Hat Security Chief Technology Officer Jeremiah Grossman wrote that the Taiwanese cybercrime environment is “way more serious than anything I’ve ever been exposed to in the U.S or elsewhere.”

“My job experience thus far has everything to do with criminals attempting to monetize,” he wrote in a September 2007 blog post. “In Taiwan it’s an environment of true military supported cyberwarfare as a result of an intense political climate with China.”

Audience members were not permitted to record the 2007 talk, Grossman said via instant message Wednesday. That restriction wouldn’t have been imposed at Black Hat, however, which does allow talks to be recorded.

State-sponsored hacking has become a major story in the past few years as U.S. companies and government agencies have come forward to say that they have been targeted by a series of sophisticated Internet attacks thought to have been launched from China.

Although China has denied all involvement in these incidents, security experts say that the country has been developing its Internet warfare capabilities over the past decade and is now a world leader.

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert’s e-mail address is robert_mcmillan@idg.com