Govern­ment­pledges tocul­ti­vate­more cy­ber­tal­ents

China Daily (Canada) - - CHINA -

cy­berspace, but also a means of fur­ther­ing mem­bers’ dream of to­tal se­cu­rity.

In Oc­to­ber, Fang trav­eled to Ja­pan to dis­cuss “hot risk” ar­eas and the preven­tion of cy­ber­at­tacks with Ja­panese se­cu­rity ex­perts.

“I learned that for­eign coun­tries have sim­i­lar se­cu­rity prob­lems as ours, but fe­wof them have a plat­form like Wooyun to re­port to, which is why I in­tend to ex­tend our busi­ness,” he said.

In the past, some Wooyun mem­bers looked for se­cu­rity loop­holes over­seas, “but we had­nochan­nel to in­form any­one about their re­ports, so we plan to break through via nor­mal com­mu­ni­ca­tions at first”, he said.

Wooyun has con­nec­tions with groups in Hong Kong, Tai­wan and other places in SoutheastAsia, such as Sin­ga­pore, and hopes to be­come a bridge for re­ports about se­cu­rity risks.

“We first wanted to ex­tend to ar­eas where there are Chi­nese peo­ple, be­cause it’s eas­ier for them to understand our idea that loop­holes should be made pub­lic when they’ve been solved,” he said, adding that the pol­icy of full dis­clo­sure has been ap­proved by the on­line mem­bers.

“Most se­cu­rity fans are proud of dis­cov­er­ing prob­lems in cy­berspace. Pub­licly ex­pos­ing loop­holes af­ter help­ing com­pa­nies or gov­ern­ments close them is the best way for th­ese ama­teur ex­perts to feel a sense achieve­ment,” he said.

AlthoughWooyun had pre­vi­ously dis­cov­ered se­cu­rity risks in some Western busi­nesses, in­clud­ing Ap­ple Inc, the com­pa­nies de­clined to dis­close the loop­holes pub­licly.

“I hope our ef­fec­tive meth­ods of solv­ing se­cu­rity prob­lems in Asia will help us ex­tend fur­ther in the West,” Fang said.

Now, Wooyun re­ports any loop­holes its mem­ber dis­cover to the Na­tional Com­puter Net­work Emer­gency Re­sponse Tech­ni­cal Team Co­or­di­na­tion Cen­ter of China for tech­ni­cal ver­i­fi­ca­tion.

“Lots of coun­tries and re­gions have sim­i­lar in­sti­tutes, and we first share the

of se­cu­rity in­for­ma­tion with them to open a door for com­mu­ni­ca­tion,” he said.

Al­though he grad­u­ated from a univer­sity in Hei­longjiang prov­ince with a bach­e­lor’s de­gree in chem­istry, Fang did not find his ma­jor in­ter­est­ing. In­stead, he was ad­dicted to com­put­ers.

“What I enjoy is con­quer­ing or cir­cum­vent­ing games. The feel­ing of break­ing though a bar­rier is fan­tas­tic,” he said.

Meng Zhuo, one of Wooyun’s core employees, has had a pas­sion for com­put­ers and in­for­ma­tion se­cu­rity since high school, when the pass­word to his on­line game ac­count was stolen.

“At the time, I really wanted to know how the ‘thief’ stole it. I bought com­put­er­re­lated mag­a­zines and stud­ied them, but still had no idea. It was then I de­cided to learn about in­for­ma­tion se­cu­rity, be­cause I was ea­ger to know how se­cu­rity loop­holes hap­pened and how to re­pair them,” the 29-year-old hacker said.

Un­like Meng and Fang, who dreamed of de­vot­ing their time to cybersecurity work by the time they en­tered univer­sity, Huang Hao, 27, re­vived his dream in 2010, af­ter a long hia­tus.

“I was in­ter­ested in in­for­ma­tion se­cu­rity when I was 12 or 13, be­cause it was mag­i­cal. But I thought it was too far re­moved from nor­mal life,” Huang, 27, said.

Be­fore 2010, when he ar­rived in Beijing to pursue a new ca­reer, Huang was em­ployed at a steel plant An­shan, his home­town, Liaon­ing prov­ince.

“The fac­tory job was not suit­able for a young per­son,” he said.

How­ever, a turn­ing point came when he per­formed a magic trick dur­ing a gala held by his first em­ploy­ers in the cap­i­tal.

“I re­ceived ap­plause from the com­pany chair­man and hun­dreds of col­leagues when I per­formed the trick. As they gave me the thumbs up, I felt a huge sense of achieve­ment,” he said.

“The feel­ing re­minded me of the days when I fell in love with in­for­ma­tion se­cu­rity. My dream of work­ing in cybersecurity was reawak­ened right then,” said Huang, who be­came a Wooyun em­ployee in July last year.

Ir­re­spec­tive of their place of ori­gin, the dream that drives Wooyun’s mem­bers and other “white-hat” hack­ers — im­preg­nable cy­berspace — con­tin­ues to dom­i­nate their lives.

“Now we want more busi­nesses to im­prove their aware­ness and ini­ti­ate in­spec­tions to de­ter­mine if their prod­ucts or ser­vices are safe, thereby im­prov­ing the on­line en­vi­ron­ment from the roots,” Meng said.

Con­tact the writer at caoyin@chi­nadaily.com.cn

Iam an in­for­ma­tion-se­cu­rity zealot, so my “Mr. Right” must also be ad­dicted to the in­dus­try and ac­com­pany me along this road.

My dream boyfriend should have many traits in com­mon with me, to be my guide and treat me just like any other en­thu­si­ast as I ex­plore the world of cybersecurity.

I dream of mar­ry­ing a “white-hat” hacker. We could talk about hot se­cu­rity is­sues and com­pete in dis­cov­er­ing se­cu­rity risks or loop­holes at week­ends. The prospect is fan­tas­tic.

I be­came in­ter­ested in “white-hat” hack­ers af­ter I met some on the In­ter­net. I ad­mired them, and thought the fact that they used their skills to pro­tect in­for­ma­tion se­cu­rity was cool.

The big­gest at­trac­tion was that, un­like many hack­ers who have mas­tered com­put­ers and cy­berspace, they per­form good deeds.

Cybersecurity is an is­sue with­out bound­aries, and some­times things need to be shared and solved via an in­ter­na­tional think tank.”

PHO­TOS PRO­VIDED TO CHINA DAILY

In­ter­net se­cu­rity en­thu­si­asts par­tic­i­pate in a ses­sion re­lated to the preven­tion of telecom­mu­ni­ca­tions fraud dur­ing a fo­rum or­ga­nized by Wooyun, China’s largest on­line “white-hat” hacker com­mu­nity, held in Beijing in July.

Newspapers in English

Newspapers from China

© PressReader. All rights reserved.