Between January and March 2025, the United States indicted or sanctioned individuals and companies linked to Chinese state-sponsored threat actors known as APT27, Red Hotel, and Flax Typhoon – labels used by cybersecurity researchers to group entities with similar tactics.
Many of the individuals behind these groups trace their roots to an earlier community of elite hackers known as ‘red hackers’ or ‘Honkers’, active in online forums during the mid-1990s and 2000s.
Over the following two decades, these Honkers evolved from informal hacker collectives into key architects of China’s cyber apparatus. Many founded security startups, helped build cybersecurity teams at major tech firms such as Baidu, Alibaba,
Tencent, and Huawei and helped shape a cybersecurity market driven by attack-defence capabilities. Today, these capabilities likely serve as key enablers of China’s advanced persistent threat (APT) groups, as cyber operations are increasingly carried out through private-sector proxies.
A recent report by the Cyber Defense Project at the Center for Security Studies (CSS) at ETH Zurich titled ‘Before Vegas: The “Red Hackers” Who Shaped China’s Cyber Ecosystem,’ charts this evolution.
It focuses on 40 influential figures – referred to as ‘The Red 40’ – and traces how informal talent was gradually absorbed into a tightly integrated ecosystem: one where informal networks, private enterprise, and state interests intersect through a mix of grassroots experimentation, strategic alignment, and increasing institutional control.
No comments:
Post a Comment