Talk on Chinese Cyber Army Pulled From Black Hat


A [talk on China’s state-sponsored offensive security efforts scheduled for the Black Hat](<http://blackhat.com/html/bh-us-10/bh-us-10-briefings.html#Huang>) conference later this month has been pulled from the conference after concerns were raised by some people within the Chinese and Taiwanese government about the talk’s content. The presentation was to be delivered by Wayne Huang, CTO of Armorize, an application security company with R&D operations in Taiwan. The talk was billed as an in-depth, historical look at the offensive capabilities and operations of China’s so-called cyber-army. The description of the presentation on the Black Hat site promises an interesting presentation. “Operation Aurora, GhostNet, Titan Rain. Reactions were totally different in the US and in Asia. While the US media gave huge attention, Asia find it unbelievable and interesting, that cyber warfare and government-backed commercial espionage efforts that have been well established and conduced since 2002, and have almost become a part of people’s lives in Asia, caused so much “surprise” in the US. Here we’ll call this organization as how they’ve been properly known for the past eight years as the “Cyber Army,” or “Wang Jun” in Mandarin. This is a study of Cyber Army based on incidences, forensics, and investigation data since 2001. Using facts, we will reconstruct the face of Cyber Army (CA), including who they are, where they are, who they target, what they want, what they do, their funding, objectives, organization, processes, active hours, tools, and techniques.” Caleb Sima, Armorize’s CTO and co-founder, [said on his Twitter feed](<https://twitter.com/csima/status/18556608980>) yesterday that the talk had been pulled. “I had to pull our blackhat talk. Taiwanese gov is prohibiting it due to sensitive materials. Unreal.” This kind of last-minute cancellation of sensitive talks at security conference, particularly Black Hat, has become a common occurrence in recent years. The most famous example is the Mike Lynn incident in 2005 when Lynn, then an employee of ISS, was supposed to deliver a talk about a flaw in Cisco’s ubiquitous IOS software. At the last minute, Cisco and ISS objected to the details of Lynn’s talk and threatened him with legal action if he presented it. Lynn then quit ISS and gave his talk anyway. Last year a talk by researcher Barnaby Jack on ATM vulnerabilities was canceled under similar circumstances. **[Listen to Sima discuss the Black Hat controversy with Dennis Fisher**]: [swf file=”http://www.threatpost.com/sites/default/files/digital_underground_64.mp3] Huang’s talk on the Chinese cyber army is an especially interesting case, however. Armorize has research operations in Taiwan and presumably needs to maintain a working relationship with the country’s government. But this is not the first time that Huang would have given this particular presentation. He’s been giving various versions of it for several years now, including at the OWASP conference in Taiwan in 2007. [block:block=47] “They went over how the NetArmy is trained and organized and how courses in Military Cyber Warfare are being institutionalized. Imagine instead of getting a degree in Information Security, you get one in Military Cyber Warfare. Talk about a bold new world,” Jeremiah Grossman, CTO of WhiteHat Security, who saw a version of Huang’s talk at the conference in 2007, said in a [blog post](<http://jeremiahgrossman.blogspot.com/2007/09/owasp-asia-conference-2007.html>) at the time. “In Taiwan it’s an environment of true military supported cyber warfare as a result of an intense political climate with China. Both sides are extremely well organized, funded, motivated, their actions unrestricted.” It’s not clear at this point whether Black Hat will replace Huang’s talk or whether he may deliver a watered-down version of it instead.