Much of the hacking prowess in China is attributed to "gray hat" hackers – techie mercenaries, often younger males, geeks proud of the title – who can be mobilized to attack systems if needed, experts say.
In cyberparlance, black hats are hackers whose professional life is spent trying to attack other systems. White hats are those who defend against attacks. But China is regarded as having a substantial number of hackers in the gray middle – cutting-edge technopatriots loosely affiliated with the Chinese government, but who are not formal agents of the state.
This allows many Chinese hackers to exist in a zone of deniability. To be sure, provability and deniability are central in cyberwarfare. The most difficult problem is how to prove who hacks a system.
In recent weeks, Beijing has officially expressed shock, pain, and denial of news reports like those in Der Speigel fingering China, and at a host of official and semi-official accusations. But China's ardent denials, in the face of its own professed desire to be a cyberattack specialist, are not entirely persuasive, analysts say.
"Sometimes [Chinese] will brag about their exploits, and other times they'll disclaim them entirely, blaming unknown rogue individuals," says Bill Woodcock, research director at Packet Clearing House, a nonprofit research institute that focuses on Internet security and stability.
The new focus by other governments on China's capabilities are part of getting to know a country long criticized for a lack of transparency. "China's ambitions are quite extensive. It is a great power that is rising, and so other people want to scrutinize you. That's part of being a great society," says a veteran European China-watcher in Beijing. "When you hack into the private files of other governments, people want to know what you are doing. If you talk about a harmonious world, and a harmonious society, and then you do things that aren't harmonious – you get called out."