In 2005, against the backdrop of increasing tensions between China and Japan, servers hosting the website of Tokyo’s Yasukuni Shrine, Japanese Ministry of Defense, National Police, and other websites across Japan were shut down by cyber-attacks or defaced with Chinese Nationalist symbolism. Outside of Japan, computer systems supporting the White House, the State Department, and more than 100 other government websites were struck with server requests and virus-infected emails. These attacks represent only a few incidents in an expansive history of Chinese hacker attacks.The hackers responsible for these recent large-scale cyber-attacks are a loosely organized confederation of Chinese citizens comprised of students, working professionals, criminals, and many other individuals from a variety of social backgrounds within China. They are known collectively as “Patriotic Hackers,” forming their own independent community, culture, and hierarchies within Chinese cyberspace. More formally, Patriotic Hackers “refers to networks of citizens and expatriates engaging in cyber-attacks to defend their mother country or country of ethnic origin.”
The Puzzle: Why does the People’s Republic of China support Patriotic Hacker Attacks?
Even though Patriotic Hackers are not official agents of the Chinese government, China consistently supports and mobilizes Patriotic Hackers to launch attacks against foreign targets. While the Chinese government has embraced the Internet as a tool of modernization, it has simultaneously understood the Internet to be an inherent threat to the stability of the Chinese Communist Party and has significantly invested in efforts to regulate Internet activity both within and outside of Chinese cyberspace.
On the surface, there lies a contradiction between the Chinese government’s support for some Patriotic Hacker attacks and the CCP’s policies regarding Internet censorship and regulation. First, Chinese Patriotic Hackers are a powerful threat to the Chinese government because they are a large politically active organization capable of subverting Chinese political stability. China’s support for Patriotic Hacker attacks against foreign targets seems inconsistent with its aims to suppress and limit potential threats to the stability of the government because these cyber-attacks foster political passions which could spiral out of control and turn against the Chinese government’s interests. Second, large-scale government support for Patriotic Hacker attacks is virtually non-existent, especially among Western countries like the United States. Only a few instances of government sponsored Patriotic Hacking can be seen in Iran and Syria, with Russia and China being the only governments who sanction large-scale Patriotic Hacker attacks. Yet, if mobilizing Patriotic Hackers to attack other countries benefits governments, more countries should theoretically utilize Patriotic Hackers. Then, why does the People’s Republic of China support Patriotic Hacker attacks?
Chinese policy towards Patriotic Hackers is an especially difficult topic of research for several reasons. The exact motivations behind a country’s behavior are abstract concepts that are difficult to quantify and analyze. Chinese media censorship, makes resources on Chinese Patriotic Hackers difficult to access. Finally, these hackers form shadowy and continuously changing organizations that are increasingly difficult to study.
This paper attempts to clarify the relationship between the Chinese government and Patriotic Hackers by developing and testing a theory built upon empirical observations of the Chinese government and Patriotic Hackers. To explain why the Chinese government supports Patriotic Hacker attacks, this paper qualitatively examines the history of Patriotic Hacker organizations, the relationship between the Chinese government and Patriotic Hackers, and the nature of Patriotic Hacker attacks. When investigating the history of Patriotic Hackers, this paper draws upon historical research conducted by Scott Henderson, a retired US. Army Chinese linguist, in his independently published book The Dark Visitor. Henderson’s research is conducted primarily through interviews with Patriotic Hackers and an analysis of Internet records preserved by hacker websites. There is little available literature on Patriotic Hackers; while The Dark Visitor is self-published by Henderson which makes his claims difficult to verify, The Dark Visitor is the one of the best resources available on the inner workings of these hacker groups because it is the only major publication to date dedicated to Chinese Patriotic Hackers. To illustrate the relationship between the Chinese government and Patriotic Hackers, this paper utilizes Chinese government media statements, interviews from Patriotic Hackers, and an examination of Chinese Internet policy. The nature of Patriotic Hacker attacks in their trigger, timing, means, target, and impact is explored through second hand strategic commentary and media coverage.
Additionally, this paper focuses on large-scale hacker attacks that are openly organized by Patriotic Hackers due to the ease of obtaining information on these types of cyber-attacks. Unlike other types of cyber-attacks that are designed to avoid detection, Patriotic Hackers utilize attack methods such as web defacements, which are easily observed and studied. This paper does not explore more covert operations committed by Chinese Patriotic Hackers such as cyber espionage because these attacks are not committed by these Patriotic Hacker organizations at-large and are virtually impossible to research.
The central purpose of this paper is to determine why the Chinese government supports Patriotic Hacker attacks. It concludes that the Chinese government supports Patriotic Hacker attacks to control these hacker organizations by fostering nationalist sentiments among Patriotic Hackers. The rise of the Internet has profoundly shaped the role of non-state actors within politics. Individuals are now far better situated to influence political outcomes, even within the international arena. While a single soldier was previously unlikely to significantly impact international affairs, a skilled hacker can now independently steal valuable state secrets and launch impressive cyber-attacks. In fact, international conflict no longer requires state sanction—multiple “hacker wars” have involved the citizens of states against each other without government direction. Understanding why the Chinese government supports Patriotic Hacker attack can also shed light onto how Internet access expands the power of individuals to affect political outcomes. Recognizing how governments will respond to the political consequences of the Internet allows future political interactions to be more effectively modeled and understood.
China’s relationship with cyber warfare is uniquely framed the conventional military power of the United States. China perceives that it is at a significant conventional military disadvantage and develops its Cyber Warfare capabilities as a means to overcome this deficit. Since the 1990s, Chinese military doctrine has reflected the idea that “only countries that take the initiative in an information war or establish information superiority ahead of time will win” by consistently developing its cyber warfare capabilities.
Currently, China possesses one of the world’s best cyber warfare capabilities and has demonstrated that it is capable of compromising some of the United States’ most heavily guarded secrets. Beginning in 2003, a group of Chinese hackers known as “Titan Rain” was able to steal information from government agencies such as the Defense Information Systems Agency, the US Army Aviation and Missile Command, and the US. Army Space and Strategic Defense Installation. Chinese cyber-attacks also target more than government institutions. In 2010, Google announced that it was the victim of attacks originating from China, which targeted the code of Google’s search engine and the personal emails of Chinese human rights activists. These attacks illustrate only several incidents in an expansive history of Chinese cyber operations targeting governments, private companies, and individuals worldwide.
Patriotic Hackers: Early Years and Formation
The history of Patriotic Hackers can be traced back to the birth of the Chinese Internet in 1994. As Chinese citizens went online, individuals naturally shifted their technical skills towards cracking software and registration codes. The first Patriotic Hacker communities were established when individuals interested in “cracking,” organized into online communities to share interests and develop expertise. In 1997, a Shanghai hacker known as “Goodwill” founded the first Patriotic Hacker organization known as the “Green Army” from this online community of early hackers.
In 1998, the first major Patriotic Hacker attack was triggered by anti-Chinese riots in Indonesia. In response to news of anti-Chinese violence in Indonesia, Chinese Patriotic Hackers used Internet chat rooms to coordinate email bombs, DDoS (Distributed Denial of Service) attacks, and web defacement attacks on Indonesian websites. This first coordinated attack laid the foundation for current Patriotic Hacker organizations. Through their attacks on Indonesia, Patriotic Hacker groups “suddenly realized the power their group could wield and that this power was an independent voice from their government.” In the face of foreign threats, Patriotic Hackers remained loyal to the Chinese identity that they shared with their government. The political nature of Patriotic Hacker operations coined a new term among hackers: “The Red Hacker” (Hongke in Chinese pinyin). The Indonesian attacks “served as a catalyst to bring together existing independent hacker elements and fuse them under the banner of nationalism,” forming the concept of Red Hackers that collectively constitute the “Red Hacker Alliance.”
In this time period, the second large scale Patriotic Hacker attack was triggered in response to Taiwanese President Li Deng-Hui’s advocacy that Taiwan was a separate nation from China. Patriotic Hackers attacked and defaced Taiwanese websites with messages such as “there is only one China in the world and the world only needs one China.” Taiwanese hackers retaliated by launching cyber-attacks against Chinese hacker organizations and websites. After the Taiwanese “hacker war,” Patriotic Hacker attacks expanded across Asia. In 2000, a Patriotic Hacker organization named the “Ultra-Right-Wing Chinese Hackers Opposed to Japan Alliance” attacked Japanese websites in response to the perceived Japanese government denial of the Nanjing Massacre. To facilitate attacks against Japan, the Patriotic Hackers created a website which provided links to hundreds of target Japanese websites, cyber-attack tools, and information on how to launch cyber-attacks. These first three Patriotic Hacker attacks have defined the profile of Patriotic Hacker operations.
Patriotic Hackers: Present Day Organization
Currently, there are more than 250 Patriotic Hacker organizations that operate within China. Modern Patriotic Hacker groups are organized around a collection of hacker websites, which provide organizational forums, access to attack tools, and even “trophy rooms” which display evidence of successful attacks. The wide array of hacker organizations function as part of a larger whole, but are not regularly coordinated with each other.While Patriotic Hacker groups have large memberships, the number of active members fluctuates with current events. Each individual website represents a vibrant community of regular hackers “capable of organizing a variety of activities damaging to the governmental and civilian organizations around the globe,” but in certain political circumstances the number of hackers could swell to well over a million individuals. While Patriotic Hackers in recent years are better organized in comparison to older of hacker groups, current Patriotic Hacker groups still suffer from fluctuating membership and a lax organizational structure. Thus, at their core, Patriotic Hacker organizations are not a monolithic army, but rather a loose confederation of individuals driven by overarching nationalist sentiments.
Patriotic Hackers: Types of Attacks
Patriotic Hackers utilize a variety of foreign and self-developed tools to achieve their objectives. Three common attack methods utilized by Patriotic Hackers are Distributed Denial of Service Attacks, Web Defacements, and Malware Attacks. Distributed Denial of Service Attacks (DDoS): This method seeks to make the attacked computer system “unavailable for normal use; usually this is achieved by exhausting the resources of the target or by disabling the target by exploiting a logic flaw in the system.” Web Defacements: This attack gains access to a web server and changes the content of the website.Malware Attacks: This attack refers to the distribution of harmful computer software known as malware to targets. The malware distributed to a target is flexible and “could be configured to achieve many objectives, ranging from covert information collection to systematically corrupting all data in the system.”
The Role of Patriotic Hackers within Chinese Cyber Warfare
Chinese citizens share a unique relationship with their government in which “independence from government direction and control does not carry with it the idea of separation from the state.” While most Western countries view matters of national defense and foreign policy within the governmental domain, Chinese citizens are expected to actively support their government, which in some instances mandates that Chinese “citizens get involved with hacking or cyber attacking an enemy’s systems.”
The Chinese government authorizes and encourages Patriotic Hackers to launch cyber-attacks against other countries, but does not organize these attacks. Instead, Patriotic Hackers independently organize attacks through websites, forums and chartrooms in response to events that provoke nationalist outrage. The government exercises significant influence over Patriotic Hacker groups and these hackers support the government on the basis of a shared Chinese identity. The government controls Patriotic Hacker groups through several venues. The Chinese government can encourage or halt Patriotic Hacker activity by communicating with hacker groups through public news media. The government is also known to directly contact and communicate with Patriotic Hackers to recruit them for government operations. Finally, the government can shape Patriotic Hacker groups through legal prosecution, although the government normally tolerates the activities of these hackers.
Literature Review and Analysis of Competing Explanations
The literature on Patriotic Hacking can be classified into three schools of thought: Plausible Deniability, Strategic Logic, and Political Co-option.
The Logic of Plausible Deniability
The first approach argues that the Chinese government supports Patriotic Hacker attacks to maintain plausible deniability for government cyber operations. Plausible deniability within the context of this paper is a condition in which cyber attackers are able to reasonably avoid attribution to cyber-attacks. Chinese government is able to relinquish responsibility from its own cyber-attacks by utilizing Patriotic Hackers as a proxy. Scott Applegate similarly argues governments utilize cyber-militias to launch cyber-attacks because it is inherently difficult to attribute the source of these attacks. Ambiguous international treaties and laws concerning the status of non-government hackers protect governments from the political and legal consequences of launching cyber-attacks, making cyber-militias even more advantageous. Rain Ottis argues that non-government hackers are an extension of state power by highlighting the many avenues a government can use to influence non-government actors.
Concerns with the Plausible Deniability Argument
This Chinese government’s public encouragement of Patriotic Hacker attacks demonstrates that the Chinese government is not concerned with denying its responsibility for cyber-attacks. The Chinese government’s relationship with Patriotic Hackers is well known and publicized. After an American EP-3 spy plane collided into a Chinese fighter jet and crash- landed on the Chinese island of Hainan, the Chinese government “encouraged computer-savvy citizens to deface American websites to express their displeasure.” Following the “hacker war” that erupted between Taiwan and China in 2001, Chinese state-sponsored media publicly “lauded the Patriotic Hackers and encouraged other hackers to join in during the next crisis with Taiwan.”
The Strategic Logic of Patriotic Hacker Attacks
The second approach argues that the Chinese government supports non-government hacker attacks to enhance its cyber warfare capabilities. More specifically, this body of literature suggests that the Chinese government bolsters its cyber warfare capabilities with non-government hackers to counterbalance the conventional military superiority of the United States.Mangus Hjortdal, argues that China benefits from overt cyber-attacks because these attacks create a deterrent effect by signaling to other countries that China possesses significant cyber warfare capabilities. Matthew Crosston argues that the imbalanced conventional warfare relationship between China and the United States inspires China to utilize a “total nation” cyber warfare strategy to demonstrate its cyber warfare capabilities and deter potential threats.
Concerns with the Strategic Logic Argument
It is unlikely that the Chinese government utilizes Patriotic Hackers to pursue strategic military objectives because Patriotic Hackers are difficult to control and could work against the government’s strategic interests and damage China in international affairs. While the Chinese government generally condones the activities of Patriotic Hackers, the government has been forced to stop these hackers from harming government interests. In the midst of Chinese Patriotic Hacker attacks against the Taiwan, the Chinese media announced that Chinese hacker attacks against Taiwan were illegal, which “signaled to the hackers that the state had withdrawn its sanction of their activities and hacker activity quickly tapered off.” When some hackers, driven too far by nationalism, did not comply with directions to stop attacks, the Chinese government arrested these hackers. Beyond individual attacks, the government has moved against large hacker organizations; in 2010 they shut down the Black Hawk Safety Net site, formerly home to over 170,000 Patriotic Hackers.
Second, Patriotic Hacker attacks often have an adverse effect on Chinese Cyber operations. “Hacktivist attacks on a Chinese adversary may also risk shutting down lines of communication in use for intelligence collection or accidentally overwhelm channels the PLA is using as feedback loops to monitor the effectiveness of their network attacks.” During the 2001 US-China hacker war, Patriotic hackers “destroyed large volumes of data on the US Web servers they attacked,” potentially hampering Chinese intelligence gathering operations. Patriotic Hacker attacks are also organized publicly, which gives potential victims forewarning and time to effectively counter attacks. This strategic tradeoff indicates that Chinese government’s use of Patriotic Hackers as a foreign policy tool is not primarily concerned with maximizing damage to targets. Because Patriotic Hackers blunt foreign policy instruments, which are difficult to control, it is likely that Chinese government supports these attacks in order to send a political signal rather than to bolster its military capabilities in sensitive strategic operations.
The Logic of Co-option within Patriotic Hacker Attacks:
The third approach argues that government encouragement for Patriotic cyber-attacks against foreign targets are used to co-opt hackers in general across China under the banner of Nationalism. The Chinese government’s support for non-government hacker attacks against foreign targets directs these hackers away from operating against the state. Alexander Klimburg argues that the Chinese government deploys its netizens against foreign targets as a means to control them through integration into a national defense framework.Rebecca Mackinnon argues that China is establishing a system of “networked authoritarianism” which provides citizens an illusion of freedom that reinforces state power.
This explanation is distinct from previous ones because it focuses upon the role that domestic politics plays in Patriotic Hacking. While most research on cyber warfare is focused within the realm of foreign policy, the mechanism by which the Chinese government co-opts hacker groups is unclear, the weaknesses of Patriotic Hackers as foreign policy tools indicates that the Chinese government supports Patriotic Hacker attacks for domestic reasons. Moving forward, this paper explores and develops the co-optation argument by arguing that the Chinese government supports Patriotic Hacker attacks to control Patriotic Hackers through generating Nationalism.
The Nationalist Logic of Patriotic Hacking
Why does the People’s Republic of China support Patriotic Hacker attacks? The People’s Republic of China supports Patriotic Hacker attacks to control Patriotic Hackers through fostering nationalism among hackers. In contrast to previous explanations, this paper argues that China’s motivation for supporting Patriotic Hacker attacks is centered upon domestic political control rather than foreign policy and military considerations.
A History of Chinese Nationalism
Nationalism within the context of this paper refers to Chinese-partisan sentiments “described as aiguo (patriotic) which in Chinese literally means, “loving the state and aiguo zhuyi (patriotism), which is to love and support China.” This form of nationalism stresses Chinese ethnic unity and loyalty to the communist state; it is a “firmly goal-fulfilling and national-interest-driven doctrine, ideologically agnostic, having nothing, or very little, to do with either Marxism or liberalism. But the concept of Chinese nationalism has constantly evolved throughout Chinese history. The earliest nationalist movements in China began as “an ethnic state-seeking movement led by the Han majority to overthrow the Qing Dynasty, under which China was ruled by the Manchu minority.”
Within China’s political transition from the Qing Dynasty into a modern state, Chinese nationalism was championed by China’s first modern political party, the Guomingdang (KMT) and evolved in the early twentieth century as a means to improve China though political and social reforms. After significant political turbulence in the mid-20th century, which encompassed the Second World War and the Chinese Civil War, CCP seized control of China. Through the CCP, communist ideology spread throughout China and Chinese nationalism shed its ethnic context to adopt the “nation as a group of citizens who have the duty to support and defend the rights of their state.”
As political circumstances in China have evolved, so has the role of nationalism in Chinese politics. The death of Mao Zedong and market oriented economic reforms championed by Deng Xiaoping in the early 1980s fundamentally altered Chinese politics and collapsed Chinese communist ideology. Economic hardship, corruption, and political instability following Deng Xiaoping’s economic reforms in the 1980s “greatly weakened mass support for the CCP and eroded its basis of legitimacy.” Chinese leaders turned to nationalism in response to the collapse of communist ideology to fill “an ideological vacuum left by the collapse of Marxist ideology and reinforce the stability of the CCP.” These leaders “wrapped themselves in the mantle of pragmatic nationalism, which they found remained the most reliable claim to the Chinese people’s loyalty and the only important value shared by the regime and its critics.” The CCP maintained its legitimacy by promising national strength and focusing on high rates of economic growth. Through deploying nationalism, the CCP was able to ideologically tie China with itself and introduce the view that “the Communist state is the embodiment of the nation’s will,” and portraying the CCP as defenders of China against outside threats. The CCP’s success with deploying nationalism as a means to generate political stability has established nationalism as the basis for the support and legitimacy of the CCP. Nationalism is a primary strategy utilized by the Chinese government to answer political threats; in the face of political crisis, the CCP has consistently “appealed to nationalism in the name of patriotism as a way to ensure the loyalty of a population stewing in domestic discontent.” Nationalism operates through a couple of mechanisms to reinforce the stability of the Chinese government. Nationalism serves the Chinese government by bolstering “its legitimacy through invoking a deep sense of “Chineseness” among its citizens. The government is able to resolve ideological fractures and consolidate the Chinese identity against external threats by fostering Nationalist sentiments. In the face of economic and political problems, nationalism “has become an effective instrument for enhancing the CCP’s legitimacy by allowing for it to be defined on the claim that the regime provides political stability and economic prosperity.”
In the Internet age, “CCP is increasingly dependent upon its nationalist credentials to rule” and deploys nationalism to answer political threats from the Internet. The Chinese government grants its citizens the freedom to express their political opinions and organize around issues that are favorable to the government. For example, the Chinese government sanctions and encourages anti-Japanese Internet activity. The government also mobilizes nationalist sentiments in media to divert its citizens away from expressing their discontent with the government and activities that the government views harmful to political stability of the CCP. In response to growing dissatisfaction with the Chinese government in the early 1990’s, the CCP launched the “Chinese Patriotic Education Campaign.” Through this nationalist initiative, the Chinese government permitted and encouraged “outbreaks of patriotic fervor” to draw attention away from the Tiananmen Square “Incident.” Nationalism through consistent deployment has become a political theme utilized by the Chinese government to reinforce political stability, boost national confidence, and transform past humiliation into a driving force for modernization.
Nationalism within Patriotic Hacking
The Chinese government’s current response to Patriotic Hackers is consistent with the CCP’s historical uses of nationalism to control political threats. The Chinese government is wary of political activity because it can expose Chinese netizens to government criticisms and serves as a venue to organize against the CCP. In response to this threat, the Chinese government deploys Internet censorship and restrictions, a major flashpoint between the Chinese government and its citizens. “It is clear that there are at least as many netizens concerned with breaching the Great Firewall as there are with attacking foreign networks.” Although Patriotic Hackers are driven by nationalist sentiments and generally support the Chinese government, they have the capacity to destabilize the CCP. Because Patriotic Hackers are not formally integrated into the Chinese government, the CCP has no official control over these hackers. In some instances Patriotic Hackers, beyond circumventing Internet restrictions and breaking Chinese law, have even directly attacked the Chinese government by defacing government websites. These hackers also have the capacity to undermine the Chinese government by working for Western computer security agencies.
In response to this domestic threat, the Chinese government helps foster nationalist sentiments to control these hacker groups. While other violations of Internet regulations are harshly punished, Patriotic Hackers “appear to suffer no sanction for their brazen contravention of Chinese law” and “nationalist Internet posts related to foreign policy or security are also usually tolerated by the government.It is important to note that China’s support for Patriotic Hacker attacks is distinct from its tolerance of hacker organizations. The government’s tolerance for Patriotic Hackers signals that the government supports hacker activity through legal tolerance, which establishes the government as an ally of these hackers. However, the CCP goes beyond attempting to ally with hacker groups and is an active attempt to stoke nationalism among Patriotic Hackers. Through encouraging Patriotic Hacker attacks, the Chinese government actively attempts to stoke nationalism among Patriotic Hackers by allowing hackers to publicly express nationalist sentiments. The Chinese government shapes the loyalty of hacker organizations by rallying them against foreign threats under the banner of Nationalism.
The Chinese Government’s Framing of Patriotic Hacker Attacks
The Chinese government’s motivation to foster nationalist sentiments and control Patriotic Hacker groups is evident in the way that the Chinese government frames its support for Patriotic Hacker attacks. First, the CCP supports Patriotic Hacker attacks within the context of fostering and expressing nationalist sentiments. During the Hainan EP-3 plane crash incident, the Chinese government “encouraged computer-savvy citizens to deface American websites to express their displeasure.” Expression and communication are key themes that the CCP emphasizes when supporting these attacks. Following the “hacker war” that erupted between Taiwan and China in 2001, Chinese government media “lauded the Patriotic Hackers and encouraged other hackers to join in during the next crisis with Taiwan.” However, there are limits to government support for Patriotic Hacker attacks. In the midst of a Patriotic Hacker war between Chinese and Taiwanese hackers, the Chinese government notified hacker through public media “that the state has withdrawn its sanction of their activities and hacker activity quickly tapered off.” When some hackers, driven too far by nationalism, did not comply with directions to stop attacks, the Chinese government arrested them. Second, it is important to note that China’s intervention to stop some Patriotic Hacker attacks does not indicate that the government shies away from rallying nationalism through Patriotic Hacking. The Chinese government rarely intervenes to stop these hackers and supports an overwhelming majority of Patriotic Hacker attacks demonstrating that the CCP embraces the nationalist implications of these attacks. Third, the Chinese government publicly announces that its support for Patriotic Hacker attacks is intended to stoke Nationalist sentiments. When the Japanese government requested the Chinese government to shut down hacker websites, Chinese “police responded that they had no intention of doing so because it was a ‘patriotic’ website.” Through supporting Patriotic Hacker attacks, the Chinese government successfully instills the Chinese Internet with “nationalistic and patriotic longings” that reinforce the stability of the Chinese government and resolves the threat that Patriotic Hackers pose to the CCP.
An Examination of Patriotic Hacker Attacks
The nature of Patriotic Hacker attacks supported by the Chinese government is consistent with cyber-attacks primarily intended to foster nationalism. But large-scale Patriotic Hacker attacks are distinct from cyber-attacks normally attributed to the CCP, traditionally focus on covert espionage and monitoring operations, China has been regularly accused of selectively hacking into governments, private companies, and individuals alike to steal information ranging from weapons designs and search algorithms to embarrassing personal information. In contrast, Patriotic Hacker attacks are designed to express outrage, convey nationalist messages, and release popular dissent. The trigger and timing, means, target, and impact of Patriotic Hacker attacks indicate that Patriotic Hackers serve nationalist rather than strategic ends.
Timing and Trigger
Patriotic Hacker attacks are triggered in response to events that stir nationalist sentiments of Patriotic Hackers and are organized by Chinese hackers through online web posts and chat rooms. The table below summarizes the causes of Patriotic Hacker attacks most covered in the media.
Table 1: The Causes of Patriotic Hacker Attacks
|Date||Patriotic Hacker Attack||Cause of the Attack|
|1998||Indonesian Riots||Chinese hackers attack Indonesian websites in response to anti-Chinese riots in Indonesia|
|1999||Taiwan “Two- States” Incidents||
Attacks are launched against Taiwanese websites after Taiwan’s president declares that Taiwan is separate from China
|1999||Belgrade Bombing Incident||
Hackers launch attacks against the United States after a Chinese Embassy is mistakenly bombed by the United States
|2000||Nanjing Massacre Denial Incident||Attacks are launched against Japanese websites after Chinese hackers perceive that the Japanese government denied its responsibility for the Nanjing Massacre|
|2000||Taiwanese Election Incident||Chinese Hackers launch attacks against Taiwanese websites after pro-independence President Chen Shui-bian is elected|
|2001||Japanese Cyber Incidents||
Patriotic Hackers launch attacks against Japanese websites in protest of a variety of issues including the perceived rude treatment of Chinese passengers on a Japan Airlines flight, a Mitsubishi vehicle brake failure which caused an accident, and accusations of textbook revisionism by the Japanese government
|2001||Hainan Airplane Incident “Sino US. Hacker War”||
Chinese Hackers and American Hackers wage a “hacker war” after an American EP-3 Spy plane collides with a Chinese fighter jet and crash lands on the Chinese island of Hainan
|2004||Diaoyu/Senkaku Island Dispute||Chinese Hackers attack Japanese websites in response to earlier web defacements committed by Japanese Hackers|
|2005||Yasukuni War Memorial Incident||Japanese websites are attacked after Japanese Prime Minister Koizumi visits the Yasukuni War Memorial|
|2008||CNN Beijing Olympics Incident||Patriotic Hackers distribute materials on how to attack CNN after perceived unfair coverage of the 2008 Beijing Olympics|
|2010||Iranian Patriotic Hacker War||Chinese Hackers attack Iranian Hackers after the popular Chinese website site baidu.com is attacked by the “Iranian Cyber Army.”|
Additionally, the timing of Patriotic Hacker attacks have been motivated by symbolism and planned to coincide with events significant to nationalist themes. For example, Patriotic Hackers publicly released plans to attack websites “until the anniversary of the bombing in Belgrade,” despite the fact that publicly disclosing the timing of an attack would mitigate its effectiveness by providing the target forewarning and time to prepare. Since Patriotic Hacker attacks are only executed within the context of nationalism, it is unlikely that they serve any other purpose for the CCP.
Means of Attack
Patriotic Hacker attacks are planned openly to generate publicity, even at the cost of retaliation from hackers in other countries. The attack methods utilized by Patriotic Hackers serve to maximize publicity, encourage public participation, and rally nationalist sentiments. The use of DDoS attacks and distributed malware attacks by Patriotic Hackers, by nature, require large-scale public participation to be effective. Additionally, Patriotic Hackers also deface websites with Chinese nationalist slogans and symbolism, often identifying themselves in attacks and opening themselves to retaliation. Patriotic Hacker attacks serve to promote nationalism rather than to achieve strategic objectives because the means of these attacks emphasize publicity over strategic effect.
Targets for Patriot Hackers
Patriotic Hackers are known to target highly visible and symbolic websites to maximize the profile and publicity of attacks. In the 2001 “hacker war” between Chinese and American hackers, Chinese hackers targeted symbolically important websites, such as one’s belonging to the White House and the Justice Department. During tensions between China and Japan, Chinese hackers targeted the website of the controversial Yasukuni Shrine in addition to Japanese government websites. Patriotic Hackers additionally unfocusedly target a wide range of other websites that tangentially related to their nationalist-ire. In the 2001 hacker war mentioned above, Patriotic Hackers targeted a websites associated with “Ohio’s Bellaire School district sites to play the Chinese National Anthem and display the Chinese Flag,” despite the fact that such an attack has little strategic utility. The visibility and scope of Patriotic Hacker targets demonstrates that Patriotic Hacker attacks are primarily designed to rally and spread nationalist expression.
While the effects of Patriotic Hacker attacks are widespread, the lasting impacts of these attacks are small. The DDoS attacks and web defacements utilized by Patriotic hackers fail to achieve significant long-term damage. Attacks that achieve lasting damage such as those targeting power grids or nuclear centrifuges require extensive expertise, precision, and covertness to execute. Because Patriotic Hacker groups are relatively unorganized and unwieldy, they are structurally unable to gather the focus, coordination, and secrecy required to successfully launch significantly damaging attacks. The failure of Patriotic Hacker attacks to achieve any significant lasting damage demonstrates that the Chinese government supports Patriotic Hacker attacks for their nationalist effect.
The Internet has strengthened the political power of individuals by enhancing their ability to organize and project their political opinions while weakening the power of authoritarian governments to directly repress their citizens. In analyzing Chinese Internet policies it is clear that even more authoritarian governments have decided that it is better to work with rather than against Patriotic Hackers. The support and freedom that independent hacker organizations receive, even under limited context, may signal that hacker organizations will inevitably become more powerful. While the Chinese government strives to develop stronger ties with hackers by providing support and direction, this assistance will also enhance their technical skills and elevate these hackers into a more prominent political role. Chinese attempts to deploy nationalism to influence hacker groups likely encourages more “netizens” to enter the political arena and express their voice within politics.
China’s Internet is no longer politically sterile and has become infused with a unique political spirit that is “not tolerated in the real world of Chinese political life.” It is increasingly difficult for the Chinese government to encourage its netizens to become more politically active in support of the central government, while simultaneously steering hackers away from “undesirable” political pursuits. The increased political awareness of citizens forces the Chinese government to be even more responsible to them. In response to public Internet outrage, the Chinese government dropped murder charges against a female hotel employee who stabbed a senior government official to death in self-defense. In the 2009, the Chinese government was forced to reverse its decision to install all future PCs with monitoring software after strong objections from China’s netizens and computer manufacturers.
Moving forward, the Chinese government should exercise caution in navigating its relationship with Patriotic Hackers. While the Chinese government currently benefits from Patriotic Hacking, there is no guarantee that nationalism and increased political participation from individuals will always benefit the Chinese government. The Chinese government has been accused of not being aggressive enough and the Anti-Japan protests in 2005 “began to morph into dissatisfaction with the Chinese government’s perceived weakness in dealing with Tokyo. An appropriate response to China’s Patriotic Hackers requires an engagement with the relationship between the Chinese government and these hackers. The independence of Patriotic Hacker organizations from the Chinese government allows policy makers to directly shape Chinese politics from within through the use of targeted media and direct contact with hacker groups. China’s support of Patriotic Hacker attacks makes at least one thing clear: even the most powerful authoritarian governments must work with its citizens in the age of the Internet. The support that Patriotic Hacker organizations receive from their governments will likely elevate the role that these hackers play in politics. The story of China’s Patriotic Hackers represents only one instance of political change in the age of the Internet. Government officials no longer solely determine political decisions within consecrated halls of power. Small groups of individuals—or even a single individual—armed with computers and an Internet connection now have a seat at the table of political change.
Ryan Hang (’14) attended the University of California, Berkeley.
Applegate, Scott D. “Cybermilitias and Political Hackers – Use of Irregular Forces and Cyberwarfare.” IEEE Security and Privacy 9:5 (2011).
Ball, Desmond. “China’s Cyber Warfare Capabilities.” Security Challenges 7:2 (2011).
Crosston, Matthew. “Virtual Patriots and a New American Cyber Strategy.” Strategic Studies 6:4 (2012).
Gries, Peter H. “Nationalism and Chinese Foreign Policy.” In China Rising: Power and Motivation in Chinese Foreign Policy, edited by Yong Deng and Fei-ling Wang. Lanham: Rowan & Littlefield, 2005.
Henderson, Scott J. “Beijing Rising Hacker Stars How Does Mother China React?” IO Sphere, February 2008.
——. The Dark Visitor: Inside the World of Chinese Hackers. Evanston: Northwestern University, 2007.
Hjortdal, Magnus. “China’s Use of Cyber Warfare: Espionage Meets Strategic Deterrence.” Journal of Strategic Security 4:2 (2011).
Holt, Thomas J., and Bernadette H. Schell. Corporate Hacking and Technology-Driven Crime. New York: Information Science Reference, 2011.
Inkster, Nigel. “China in Cyberspace.” Survival: Global Politics and Strategy 52:4 (2010).
Klimburg, Alexander. “Mobilising Cyber power.” Survival: Global Politics and Strategy 53:1 (2011).
Krekel, Bryan. “Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation.” Northrop Grumman Corporation, October 9, 2009. <http://www2.gwu.edu/~nsarchiv/NSAEBB/NSAEBB424/docs/Cyber-030.pdf>.
Kshetri, Nir. The Global Cybercrime Industry: Economic, Institutional and Strategic Perspectives. Heidelberg: Springer, 2010.
——. “Pattern of Global Cyber war and Crime: A Conceptual Framework,” Journal of International Management 11 (2005).
Liff, Adam P. “Cyberwar: A New ‘Absolute Weapon’? The Proliferation of Cyber warfare Capabilities and Interstate War.” Journal of Strategic Studies 55:3 (2012).
McDonell, Stephen. “Chinese Hacker Who Once Targeted the US Switches Sides to Help Defend Western Companies.” ABC News, July 22, 2013.
Mulvenon, James, Scot Tanner, Michael S. Chase, David R. Frelinger, and David C. Gompert. “Chinese Responses to U.S. Military Transformation and Implications for the Department of Defense.” Rand Corporation, April 5, 2006. <http://www.rand.org/pubs/monographs/MG340.html>.
Mulvenon, James. “PLA Computer Network Operations.” In Beyond the Strait PLA Mission Other Than Taiwan. Edited by Roy Kamphausen, David Lai, and Andrew Scobell. Carlisle, PA: US Army War College Strategic Studies Institute, 2009.
Oakley, John. Cyber Warfare: China’s Strategy to Dominate in Cyber Space. S.I.: BiblioScholar, 2012.
Ottis, Rain. “From Pitchforks to Laptops: Volunteers in Cyber Conflicts.” Tallinn, Estonia: Conference on Cyber Conflict Proceedings, 2010.
——. “Theoretical Model for Creating a Nation-State Level Offensive Cyber Capability” Lisbon: Academic Publishing Ltd, 2009.
Rid, Thomas. Cyber War Will Not Take Place. Oxford: Oxford UP, 2013.
Singer, Peter W., and Allan Friedman. Cybersecurity: What Everyone Needs to Know. Oxford: Oxford UP, 2014.
Thomas, Timothy L. “China’s Electronic Long-Range Reconnaissance.” U.S Army Training and Doctrine Command, December 2008.
Zhao, Suisheng. A Nation-state by Construction: Dynamics of Modern Chinese Nationalism. Stanford, CA: Stanford UP, 2004.
——. “China’s Pragmatic Nationalism: Is it Manageable?” The Washington Quarterly 29:1 (2006).
 Nir Kshetri, The Global Cybercrime Industry: Economic, Institutional and Strategic Perspectives, Heidelberg: Springer, (2010): 154.
Thomas Holt and Bernadette Schell, Corporate Hacking and Technology-Driven Crime, (New York: Information Science Reference, 2011).
 Scott Henderson, “Beijing Rising Hacker Stars How Does Mother China React?” IO Sphere (2008): 25-30.
 Alexander Klimburg, “Mobilising Cyber Power,” Survival: Global Politics and Strategy 53.1 (2011).
Cyber espionage is the act or practice of obtaining secrets without the permission of the holder of the information.
Scott Henderson, “The Dark Visitor: Inside the World of Chinese Hackers,” (2007): 2.
 Mangus Hjortdal,”China’s Use of Cyber Warfare: Espionage Meets Strategic Deterrence,” Journal of Strategic Security 4:2 (2011): 2.
John Oakley, Cyber Warfare: China’s Strategy to Dominate in Cyber Space, (S.I.: BiblioScholar, 2012), 30.
 Ibid., 31.
 Scott Henderson, The Dark Visitor: Inside the World of Chinese Hackers, (S.I.: s.n., 2007).
 Ibid., 21.
 Ibid., 19.
 Ibid., 50.
 Ibid., 69.
 Ibid., 60.
 Rain Ottis, “From Pitchforks to Laptops: Volunteers in Cyber Conflicts,” (Tallinn, Estonia: Conference on Cyber Conflict Proceedings, 2010).
 Ibid., 101.
 Ibid., 102.
 Henderson, The Dark Visitor,102.
 Timothy Thomas, “China’s Electronic Long-Range Reconnaissance,” U.S Army Training and Doctrine Command, Dec. 2008, <http://fmso.leavenworth.army.mil/documents/chinas-electronic.pdf>, 58.
 James Mulvenon, Scot Tanner, Michael S. Chase, David R. Frelinger, and David C. Gompert, “Chinese Responses to U.S. Military Transformation and Implications for the Department of Defense,” Rand Corporation, Apr. 5, 2006, <http://www.rand.org/pubs/monographs/MG340.html>.
 Bryan Krekel, “Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation,” Northrop Grumman Corporation, Oct. 9, 2009. <http://www2.gwu.edu/~nsarchiv/NSAEBB/NSAEBB424/docs/Cyber-030.pdf>, 51.
Mulvenon et al.,“Chinese Responses to US. Military Transformation and Implications for the Department of Defense,” 93.
 Liff (2012), Applegate (2011), and Ottis (2009).
Hjortdal (2011), Crossman (2012), and Mulvenon (2000).
 Klimburg (2011) and Mackennon (2011).
 Adam Liff, “Cyberwar: A New ‘Absolute Weapon’? The Proliferation of Cyberwarfare Capabilities and Interstate War,” Journal of Strategic Studies 35:3 (2012): 401-428.
 A former military officer and security researcher.
 Scott Applegate, “Cybermilitias and Political Hackers – Use of Irregular Forces in Cyberwarfare,” IEEE Security and Privacy, 9:5 (2011): 16-22.
 Associate Professor of Cyber Security at Tallinn University.
 Rain Ottis, “Theoretical Model for Creating a Nation-State Level Offensive Cyber Capability,” (Lisbon: Academic Publishing Ltd., 2009).
 Peter Singer and Allan Friedman, “Cybersecurity: What Everyone Needs to Know,” Oxford: Oxford UP, (2014): 113.
 A security researcher at the University of Copenhagen.
 Hjortdal, “China’s Use of Cyber Warfare: Espionage Meets Strategic Deterrence,”2.
 Professor of Political Science at Bellevue University.
 Matthew Crosston, “Virtual Patriots and a New American Cyber Strategy,” Strategic Studies 6:4 (2012): 100.
 Mulvenon et al.,“Chinese Responses to US. Military Transformation and Implications for the Department of Defense,” 93.
 Singer and Friedman, “Cybersecurity: What Everyone Needs to Know,” 113.
Krekel, “Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation,” 57.
 Ibid., 4.
 Ibid., 41.
 A fellow at the Austrian Institute for International Affairs.
 Klimburg, “Mobilising Cyber Power,”41-60.
 A former CNN Journalist.
 Rebecca MacKinnon, “China’s Networked Authoritarianism,”Journal of Democracy22:2 (2011): 32-46.
 Suisheng Zhao, A Nation-state by Construction: Dynamics of Modern Chinese Nationalism, (Stanford University Press, 2004), 31.
Suisheng Zhao, “China’s Pragmatic Nationalism: Is it Manageable?” The Washington Quarterly 29:1 (2006): 131-144.
 Kshetri, “The Global Cybercrime Industry: Economic, Institutional and Strategic Perspectives,” 151.
Zhao, “China’s Pragmatic Nationalism: Is it Manageable?”, 131-144.
 Peter H. Gries, “Nationalism and Chinese Foreign Policy,” in China Rising: Power and Motivation in Chinese Foreign Policy, ed. by Yong Deng and Fei-ling Wang, (Lanham: Rowan & Littlefield, 2005).
 Nigel Inkster, “China in Cyberspace,” Survival: Global Politics and Strategy 52:4 (2010): 6.
Desmond Ball, “China’s Cyber Warfare Capabilities,” Security Challenges 7:2 (2011): 100.
Stephen McDonnell, “Chinese Hacker Who Once Targeted the US Switches Sides to Help Defend Western Companies.” ABC News, Jan. 22, 2013.
 Mulvenon et al.,“Chinese Responses to US. Military Transformation and Implications for the Department of Defense,” 93.
 Ibid., 92.
 Singer and Friedman, 113.
 Mulvenon et al. 93.
 Singer and Friedman, 113.
 Henderson, “Beijing Rising Hacker Stars How Does Mother China React?” 25-30.
 Kshetri, 151.
 Oakley, 30.
 In examining the nature of Patriotic Hacker Attacks, it is important to note that in this paper, Patriotic Hacker Attacks refers to large scale publicly organized attacks against foreign targets. While Patriotic Hackers may also engage in independent attacks and covert cyber operations, these attacks are motivated independently and are not the large-scale public attacks that this paper examines.
 Singer and Friedman, 113.
 Nir Kshetri, “Pattern of Global Cyber war and Crime: A Conceptual Framework,” Journal of International Management 11 (2005): 550.
Henderson, “The Dark Visitor: Inside the World of Chinese Hackers,” 21.
 Ibid. 38.
 Kshetri, “The Global Cybercrime Industry: Economic, Institutional and Strategic Perspectives,” 154.
 Referencing the Stuxnet attack on Iran’s Nuclear Program.
 Thomas Rid, Cyber War Will Not Take Place, (Oxford: Oxford UP, 2013).
 Inkster, 59.
 Ibid., 60.
 Ibid., 62.
 Ibid., 60.