Insurgency Overview
The Hóngkè Union of China (中国红客)(HUC) is a Chinese nationalist hacker group most famously known for defacing the White House website after the Hainan Island Incident in 2001 (1). Their name means “red guest” and is a play on words for the word ‘hacker’, which is a “black guest” – a reference to the English term ‘black hat’, which symbolizes a hacker that violates the law. The color red, moreover, is a reference to the main color of the Chinese Communist Party.
Like many hacker groups, such as Anonymous, the HUC is more of a united collective than a hierarchical group. While there is some form of meritocracy within the group, including a master-and-apprentice relationship whereby more experienced hackers guide newcomers forward, there is no unitary command structure (2). In fact, some of the different cells even directly compete with one another (3). At its peak level of activity, there were over 80,000 hackers associated with the HUC, but that number has most likely dropped significantly in modern times (4).
History & Foundations
The Hóngkè Union’s origins can be traced back to the nationalist Chinese hacker boards that popped up online during the aftermath of the accidental 1999 US bombing of the Chinese embassy in Belgrade during the Yugoslav Wars, as well as anti-Chinese riots in Indonesia in 1998 (2). The HUC was founded by someone who is only known by a screen name, “Li0n” (4).
Their first major action was to take part in what is sometimes referred to as a ‘hacker war’ between China and the US. This was a series of website defacements by nationalist hackers from both countries that took place after 2001’s Hainan Island incident, where an American spy plane and a Chinese interceptor collided over the South China Sea (5)(6)(7).
During this so-called hacker war, the HUC famously did a distributed denial-of-service (DDoS) attack on the White House website, where they overwhelmed the site’s servers with access requests so legitimate users could not log onto it. In addition, they took down other U.S. government sites and replaced them with images of Chinese flags and messages such as, “CHINA HACK!” and “Beat down Imperialism of American [sic]! Attack anti-Chinese arrogance!”. Altogether, the HUC (in addition to other, non-affiliated Chinese hackers) hacked over 1,000 American sites (3)(8).
The cyber war marked the brief high point of the HUC. This coordinated attack on what was seen as American imperialism helped bring together hackers in one shared goal. Following it, however, disagreements began and the group began to splinter apart. In 2004, just three years after the cyber war, the founder of the HUC, Li0n, announced the group’s disbandment. Many of the hackers involved went on to get legitimate jobs at Chinese corporations (4).
Despite the official announcement of disbanding, the HUC still exists in some capacity. In 2012, for example, even though eight years had passed since Li0n’s call for disbanding, 300 Japanese websites were listed as targets on an HUC affiliated website (8).
Objectives & Ideology
As the Hóngkè Union is a nationalistic group, their ideology matches that of the Chinese Communist Party. Unlike the popular perception of Western hackers, who are often portrayed as individualistic or even anarchic, the HUC is known for its patriotism. One Chinese hacker told the Hong Kong Sunday Morning Post that, “[...] Chinese hackers tend to get more involved with politics because most of them are young, passionate, and patriotic.” (3)
As the HUC is a collection of cells and individuals, they do not have a unified objective. Outside observers have even noted that the HUC seems to be very disorganized (3). Still, the fragmentary nature of the HUC is not necessarily a downside when analyzing their capabilities. Instead, this lack of a unified structure can allow the group to be much more reactive, since no one has to wait for orders from a chain of command (2). It also ensures that there will always be HUC forums as long as the idea and motivation are there, as there’s not one central website that can be taken down and disrupt the group. Since the HUC is spread out over dozens of boards and forums, it is also relatively impossible to erase their presence from the web.
Approach to Resistance & Hacker/Political Capabilities
The HUC’s most notable action was the cyber war conducted against the United States following the Hainan Island incident in 2001. This cyber war showed a large degree of coordination in the HUC, with Liu Qing, a former member, saying, “We were so excited, taking shifts and working 24/7 [to keep up the attacks].” In the months following this cyber war, over 80,000 people joined the HUC, making it China's largest known hacker group to date (4).
Their capabilities seem to be rudimentary, as the majority of their notable attacks are fairly simple website defacements or DDoS attacks, neither of which requires a particularly advanced hacking skill set. DDoS attacks in particular are just about the most rudimentary type of cyber attack, and don’t require any knowledge of coding or infosec. In fact, it's possible to unintentionally commit something similar to a DDoS attack simply by having a small website trend on social media. The large uptick in traffic will shut down the site, as the servers are not prepared for such an amount of visitation. This is also known as the Slashdot effect or the Reddit Hug of Death (9)(10).
Just like Anonymous, the backbone of HUC’s attacks follow the proverb ‘quantity over quality’, of which the aforementioned DDoS is the perfect example of. Also similarly to Anonymous, HUC’s greatest capability lies in its reactionary and decentralized nature. This nature means that when political tensions are high, such as in the aftermath of the Hainan Island incident, HUC has thousands of hackers who will coordinate attacks on perceived enemies. On the other side of the coin, when tensions simmer down, the group, much like Anonymous, splinters and falls into disarray (2)(11).
Being a group of hackers, the Hóngkè Union has never taken part in any physical acts of violence.
Relations & Alliances
As the Hóngkè Union lacks coherent central leadership, there are no formal alliances. Keeping in mind that a hóngkè is any patriotic Chinese hacker, there are many other hóngkè groups that share ideological connections. Groups that emerged pre-2010 include the China Eagle Union and the Chinese Red Hacker Alliance (中国红客联盟). More recent groups include 1937CN, which hacked the check-in systems at major Vietnamese airports in July 2016 (8)(12).
The precursor to almost all of these groups is the Green Army (绿盟), one of China’s first hacker groups, and the genesis of nationalist Chinese hacking. Led by a hacker who went by the screen name Goodwell, the Green Army participated in hacks against Indonesia after the May 1998 anti-Chinese riots. They also were involved with the Red Hacker Alliance in hacks against Taiwan and Japan (13).
Works Cited (Chicago-style)
(1) - Walton G. Trading with China: What risks, responsibilities, opportunities? web.archive.org. Published August 11, 2009. https://web.archive.org/web/20090811031100/http://www.beijing2008conference.com/articles.php?id=101#3 (2) - Edwards M. Honker’s Union of China (HUC): Quantity and Quality. Medium. Published April 11, 2018. https://medium.com/@theCTIGuy/honkers-union-of-china-huc-quantity-and-quality-96ec0fd8ad86 (3) - Hvistendahl M. Hackers: the China Syndrome. Popular Science. Published April 23, 2009. https://www.popsci.com/scitech/article/2009-04/hackers-china-syndrome/ (4) - Nan W. From hackers to entrepreneurs: The Sino-US cyberwar veterans going straight. South China Morning Post. Published August 21, 2013. https://www.scmp.com/news/china/article/1298200/hackers-entrepreneurs-sino-us-cyberwar-veterans-going-straight (5) - DeSombre W, Byrnes D. Thieves and Geeks: Russian and Chinese Hacking Communities | Recorded Future. www.recordedfuture.com. Published October 10, 2018. https://www.recordedfuture.com/russian-chinese-hacking-communities
(6) - Left S. Chinese and American hackers declare “cyberwar.” the Guardian. Published May 4, 2001. https://www.theguardian.com/technology/2001/may/04/china.internationalnews
(7) - Delio M. It’s (Cyber) War: China vs. U.S. Wired. Published April 30, 2001. https://www.wired.com/2001/04/its-cyber-war-china-vs-u-s/ (8) - Delio M. A Chinese Call to Hack U.S. Wired. Published April 11, 2001. https://www.wired.com/2001/04/a-chinese-call-to-hack-u-s/ (9) - Slashdot effect. Wikipedia. Published February 6, 2022. https://en.wikipedia.org/wiki/Slashdot_effect
(10) - What is the reddit hug of death? Reddit. Published October 16, 2014. https://www.reddit.com/r/OutOfTheLoop/comments/2jfelz/what_is_the_reddit_hug_of_death/
(11) - Beech H. China’s Red Hackers: The Tale of One Patriotic Cyberwarrior. Time. Published February 21, 2013. https://world.time.com/2013/02/21/chinas-red-hackers-the-tale-of-one-patriotic-cyberwarrior/
(12) - .Red Hacker Alliance. clever-geek.imtqy.com. https://clever-geek.imtqy.com/articles/5236494/index.html
(13) - Edwards M. China’s Green Army: Capitalism Defeats China’s First Hacking Group. Medium. Published March 28, 2018. https://medium.com/@theCTIGuy/chinas-green-army-capitalism-defeats-china-s-first-hacking-group-d4c73631d2ca
Gallery & Photo(s)
Additional Resources
Comments