×

Hacker weighs in on US-China cyber spat

Hacking hacker cyber security
Altrendo Images | Getty Images

Cybersecurity will be high on the agenda when Chinese President Xi Jinping and U.S. President Barack Obama get together during President Xi's seven-day state visit to the U.S.

But far way from the pomp and ceremony, a self-proclaimed hacker huddles in front of a computer in his office in southern China.

The former military officer – who would only give his code-named "Prince" – says he's on the frontline of the global cyber-war.

The 32-year-old claims he heads a five thousand-strong team of activists known as the Honker Union or Red Hackers which he claims have hacked what he considers China's enemies.

"I decided to learn hacking skills after my computer was hacked," he told CNBC.

"After I retired from the army, I thought I could use my skills to continue to serve and love my country. I chose to be a Red Hacker to be the personification of justice."

CNBC could not independently verify his claims and China's government have strongly condemned cyber crime of any kind.

Nonetheless China's hackers continue to be a source of friction between Washington and Beijing.

Alleged cyberattacks from China have angered the U.S. which has blocked business deals for Chinese companies. Washington is now considering sanctions on those suspected of engaging in commercial cybertheft. U.S. officials are expected to bring up their complaints to their Chinese counterparts during President Xi's trip.

Prince denies his group has targeted U.S. companies though he says it has attacked commercial organizations in regional rival Japan.

"In terms of Japan, our primary target is the government website then commercial organizations. Japan invaded China before therefore we have kept files on many targets," he said while sitting at his desk in front of two computer screens.

"Normally, we first narrow down our targets and then run software to analyze the loopholes in the website or system. We detect the most vulnerable process or the most destructive part and then launch the attack."

He demonstrated how quickly he can hack into a local hospital. He finds an email. Based on the security question, he guesses passwords like the hospital address. By the third try, he is in the system in less than five minutes. "We are now able to gather more information -- email, phone numbers, fax…" he explained.

Prince said the most common attack is a distributed denial-of-service or DDoS attack to cripple a website.

"We never proactively launch attacks for no reason. We only do it when China's national interest is harmed," he said.

"In most of the cases, we just fight back."

For attacks, he says the hackers act on their own but that occasionally they're called on by the government to help track those believed to be working against the state.

"I independently have some cooperation with the Chinese government but it's all off the record," he said.

"The government normally asks me to follow the electronic footprint of different hackers, gather information on hackers, and ultimately submit official reports."


CNBC contacted Chinese authorities, who said they wouldn't comment on individual cases.

In the U.S., President Xi emphasized that his government does not support hacking activities. "The Chinese government will not in whatever form engage in commercial theft, and hacking against government networks are crimes that must be punished in accordance with the law and relevant international treaties," Mr. Xi said.

President Xi said China would support the establishment of "a high-level joint dialogue mechanism with the United States on fighting cyber crimes."

Speculation has been mounting that President Xi and President Obama could announce a cybersecurity "code of conduct" -- the equivalent of an online arms control agreement though expectations are low that any pact would include specifics regarding commercial espionage.

"The U.S. and China have been pointing a finger at each other over hacking claims for a long while. But no one has evidence and no one will admit it," Prince said.

"We have been very careful with launching attacks targeting U.S. organizations because the technologies over there are very advanced and the U.S. hackers are very good."

Follow us on Twitter: @CNBCWorld