Talk on Chinese Cyber Army Pulled From Black Hat

A talk on China’s state-sponsored offensive security efforts scheduled for the Black Hat conference later this month has been pulled from the conference after concerns were raised by some people within the Chinese and Taiwanese government about the talk’s content.

A talk on China’s state-sponsored offensive security efforts scheduled for the Black Hat conference later this month has been pulled from the conference after concerns were raised by some people within the Chinese and Taiwanese government about the talk’s content.

The presentation was to be delivered by Wayne Huang, CTO of Armorize, an application security company with R&D operations in Taiwan. The talk was billed as an in-depth, historical look at the offensive capabilities and operations of China’s so-called cyber-army. The description of the presentation on the Black Hat site promises an interesting presentation.

“Operation Aurora, GhostNet, Titan Rain. Reactions were totally different in the US and in Asia. While the US media gave huge attention, Asia find it unbelievable and interesting, that cyber warfare and
government-backed commercial espionage efforts that have been well established and conduced since 2002, and have almost become a part of people’s lives in Asia, caused so much “surprise” in the US. Here we’ll call this organization as how they’ve been properly known for the past eight years as the “Cyber Army,” or “Wang Jun” in Mandarin. This is a study of Cyber Army based on incidences, forensics, and investigation data since 2001. Using facts, we will reconstruct the face of Cyber Army (CA), including who they are, where they are, who they target, what they want, what they do, their funding, objectives, organization, processes, active hours, tools, and techniques.”

Caleb Sima, Armorize’s CTO and co-founder, said on his Twitter feed yesterday that the talk had been pulled. “I had to pull our blackhat talk. Taiwanese gov is prohibiting it due to sensitive materials. Unreal.”

This kind of last-minute cancellation of sensitive talks at security conference, particularly Black Hat, has become a common occurrence in recent years. The most famous example is the Mike Lynn incident in 2005 when Lynn, then an employee of ISS, was supposed to deliver a talk about a flaw in Cisco’s ubiquitous IOS software. At the last minute, Cisco and ISS objected to the details of Lynn’s talk and threatened him with legal action if he presented it. Lynn then quit ISS and gave his talk anyway.

Last year a talk by researcher Barnaby Jack on ATM vulnerabilities was canceled under similar circumstances.

[Listen to Sima discuss the Black Hat controversy with Dennis Fisher]: [swf

Huang’s talk on the Chinese cyber army is an especially interesting case, however. Armorize has research operations in Taiwan and presumably needs to maintain a working relationship with the country’s government. But this is not the first time that Huang would have given this particular presentation. He’s been giving various versions of it for several years now, including at the OWASP conference in Taiwan in 2007.


“They went over how the NetArmy is trained and organized and how courses in Military Cyber Warfare are being institutionalized. Imagine instead of getting a degree in Information Security, you get one in Military Cyber Warfare. Talk about a bold new world,” Jeremiah Grossman, CTO of WhiteHat Security, who saw a version of Huang’s talk at the conference in 2007, said in a blog post at the time. “In Taiwan it’s an environment of true military supported cyber warfare as a result of an intense political climate with China. Both sides are extremely well organized, funded, motivated, their actions unrestricted.”

It’s not clear at this point whether Black Hat will replace Huang’s talk or whether he may deliver a watered-down version of it instead.

Suggested articles


  • Anonymous on

    Sounds like a good candidate for a talk at BsidesLV!

  • Anonymous on

    heh...just throw it up on youtube

  • Anonymous on

    Why would this be a good talk for bSides? Sima states he pulled the talk because they don't want to piss off the Taiwanese government. How does changing one venue in Vegas to another change the reaction of a foreign government? Are you high?

  • Anonymous on

    It mentions that he's given the talk numerous times since 1997, so it could make sense to just give the talk elsewhere with no repercussions.  Although you'd think the talk being available for the entire world via YouTube would piss the government off pretty well...

  • Anonymous on

    "He's been giving various versions of it"

    This doesn't mean "He's been giving the talk they pulled from blackhat" 

    It means "he's been giving different versions of this talk, this particular version caught someones attention"

  • Anonymous on

    Right trying to cover your ass from the tawanese... Thats to much hahaha
  • Anonymous on

    You can't suppress information.  The talk will be published soon enough somewhere.

  • Anonymous on

    So where is this talk notes online, then? Grossman's page only spoke about it. This information is not public knowledge. Is it disinformation, so China wants it pulled. Or true so they want it pulled? They ban key terms like Tiananmen Square incident, but not santa claus.

    So, China is training legions of cyberarmy goons to take over the world, this is public knowledge, yet news doesn't cover it? Where's the beef.

  • Anonymous on

    They, "had to"... Nobody ever heard of them but after pulling :P this tired snakeoil security move, now they do. Their getting more attention then if they had the best talk of the year. The only plausible thing is if the .tw gov is a customer and they blackmailed them. Their not Chinese so who cares about them? Of course they don't want people to know about the criminals they protect. The criminality they condone. Their "sensitive" info was found via Bandu haha. These talks ALWAYS disappoint. Nothing but hype.

  • Anonymous on

    A similar talk was delivered by Jeffery Carr of GreyLogic at the Securitybyte Conference in India in November 2009, where he unveiled the State and Non-state Actors behind the Chinese Cyber Army. He also presented his research on China's Information Warfare strategy, which was really interesting and an eye opener.

  • Anonymous on

    How can we get access to the presentation?  If they want to stop us from hearing about it, then I really want to read it.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.