To find out whether or not the repetition of those names could possibly be a coincidence, Cary checked out two databases of Chinese language names and consulted Yi Fuxian, a professor of Chinese language demography on the College of Wisconsin-Madison. It seems that the identify Qiu Daibing (in Chinese language characters 邱代平) is a reputation that’s comparatively unlikely to seem twice by likelihood, he says. Yi confirmed to WIRED that the surname “Qiu” alone accounts for under 0.27 % of Chinese language names, and when mixed with particular army names, the proportion turns into a lot smaller.
The identify “Yoyo” is extra widespread. However Cary theorizes that it is unlikely that the 2 names seem in affiliation by likelihood. “It is merely inconceivable that somebody with this identify could possibly be mixed with Yu Yang, have this talent set, and attend the identical college in the identical location the place these firms are registered. It is simply extremely unlikely that these folks aren’t the fitting folks,” Cary argues.
WIRED tried to contact Qiu Daibing and Yu Yang through each Qiu Daibing’s LinkedIn web page and the e-mail deal with on Beijing Huanyu Tianqiong’s web site, however didn’t obtain a response.
If Mr. Cary’s concept that the 2 males concerned with Salt Hurricane had been truly skilled at Cisco’s Networking Academy is right, he says it doesn’t suggest there have been any flaws or safety oversights in Cisco’s program. Somewhat, it factors to an issue that’s tough to keep away from in a globalized market the place know-how merchandise, and even coaching on the technical particulars of these merchandise, are broadly accessible, together with to potential hacking adversaries.
However the issue has change into much more pronounced as a result of China has lengthy sought to interchange Cisco tools and different Western tools in its networks with home alternate options, Cary argues. “If China is definitely transferring in direction of eradicating these merchandise from its networks, who would nonetheless wish to find out about them?” Cary asks.
In the meantime, China is more and more proscribing the sharing of its data with the worldwide cybersecurity group, together with pressuring safety researchers to not current their analysis at worldwide conferences, mentioned John Hultquist, principal analyst at Google’s Risk Intelligence Group.
“We’re sort of in a sharing group, they usually maintain telling us to our faces that they are not going to retaliate,” Hultquist mentioned. “We’re benefiting them with our program, nevertheless it’s not going the opposite manner.”
