1

Taiwan Hacker Love Fest Tests Assumptions of European Softness on China

December 24, 2018 Topic: Security Region: Taiwan Blog Brand: The Buzz Tags: TaiwanHackersEuropeChinaHuawei

Taiwan Hacker Love Fest Tests Assumptions of European Softness on China

Despite China’s growing reputation as a cyberbully, European attendees were annoyed by suggestions that Europe, especially Germany, was “soft” on Chinese cyber espionage/sabotage posed by telecommunications companies, such as Huawei and ZTE.

TAIPEI – The 2018 HITCON Pacific Conference was packed with cyber hacker specialists from around the world, making Taipei one of the most influential cyber security players. Taiwan is a leading computer and information technology developer and manufacturer with armies of hackers and cybersecurity specialists.

HITCON stands for “Hackers in Taiwan” and this year was the fourteenth conference (Dec. 13-14), making it one of the oldest hacker security conferences in existence.

Attending the annual event were European, Japanese, Korean, Russian and American hackers and cyber specialists, but no representatives from the Borg Collective were allowed.

Despite China’s growing reputation as a cyberbully, European attendees were annoyed by suggestions that Europe, especially Germany, was “soft” on Chinese cyber espionage/sabotage posed by telecommunications companies, such as Huawei and ZTE.

One European attendee said that it was unjustified to call cybersecurity and intelligence professionals from the United Kingdom, France and Germany, or even Europe, in general, “soft” on the China threat.

He agreed that Huawei's presence in Europe is a result of complex processes, partly due to lack of knowledge about links to Chinese security and intelligence apparatus. However, France, under French president Emmanuel Macron, is among the strongest proponents of pushback against China.

“Germany is no fool either, the government blocked the purchase of a stake in 50Hertz, a high-voltage energy network operator, by the State Grid Corporation of China and just introduced tightened screening processes for foreign investment and acquisitions of German companies.”

On December 17, the Czech government’s National Cyber and Information Security Agency (NCISA) issued an alert not to use technical or program tools produced by Huawei and ZTE.

Further, the NCISA warning stated:

“The legal and political environment of the People's Republic of China (PRC) in which the companies primarily operate and whose laws are required to comply with, requires private companies to cooperate in meeting the interests of the PRC, including participation in intelligence activities, etc.”

Additionally, the alert said that Huawei and ZTE “do not refrain from such cooperation with the state; in this environment, efforts to protect customers’ interests at the expense of the interests of the PRC are significantly reduced. According to available information, there is an organizational and personal link between these companies and the state.”

Many European attendees of HITCON simply chose to point at the success of influence operations beyond the European continent as evidence they were working harder than most to stop insidious behavior from Beijing.

“Whatever Chinese influence is in Europe, we still do not have outright MSS [Ministry of State Security] agents as elected representatives, like New Zealand,” he said. “I get that mocking Europe never gets old, but hey, give us some credit.”

The New Zealand reference is to unproven allegations that MP Jian Yang was a spy for China. Yang did not reveal his previous military career in China’s intelligence language academy and membership in the Communist Party of China. Officially, Yang was never accused of being an MSS agent, but failed to disclose his spooky past in immigration papers when applying for New Zealand citizenship in 2004 and later running for public office in 2011.

Overall, the HITCON event did display an amazing variety of speakers and attendees.

Some of the speakers went only by their call signs: bbbig, cdor1, gasgas, h2spice, noo, and push0epb. Others were far more transparent, such as Philippe Lin, Trend Micro’s senior threat researcher, who spoke on reversing packets and firmware analysis of industrial radio remote controllers.

The one speaker that grabbed the imagination of the attendees, hands down, was that of Cycarrier founder, Jeremy Chiu, who is working on a system that can discover abnormalities in system logs in the surveillance phase before data is stolen.

Chiu is known as the “Birdman” from his hacker days and considered a legend not only in the Taiwan hacker community but internationally. Since hanging up his black hat, Chiu became an expert on malware and served as a contract law enforcement instructor to intelligence agencies in Taiwan. In 2011, Chiu founded Xecure, then sold it to Verint Systems, an Israeli-U.S. company.

Of note was Koichiro “Sparky” Komiyama, deputy director of the Global Coordination Division at the JPCERT Coordination Center. Komiyama spoke on incidence responder issues of Computer Emergency Response Team/Coordination Center (CERT/CC). These type of CERT/CC organizations are now the industry standard for government cybersecurity and virtually every country has one of these entities.

On the corporate level, a CERT/CC type of entity would be equivalent to a Product Security Incident Response Team (PSIRT). Ken Lee, Synology’s senior security analyst, who also spoke at the conference, is the manager of the company’s PSIRT. Lee is well-known for initiating the Synology Security Bug Bounty Program and was a critical responder to major incidents, such as Heartbleed, SambaCry, and KRACKS.

Wendell Minnick is a Taipei-based journalist who has spent two decades covering military and security issues in Asia, including one book on intelligence and over 1,500 articles. From 2006-2016, Minnick served as the Asia Bureau Chief for Defense News, a Washington-based defense weekly newspaper. He has edited over ten books on Chinese military equipment.

Image: Reuters.