Two men linked to the Chinese state-sponsored hacking group Salt Typhoon, which has been implicated in a series of high-profile cyber attacks on US targets, have been identified as having attended a Cisco networking training program. The individuals, Qiu Daibing and Yu Yang, were found to be partial owners of firms that were linked to the Salt Typhoon group through a recent US government advisory.
According to researcher Dakota Cary, who made the discovery, both men had participated in the Cisco Networking Academy Cup competition in 2012, where they ranked among the top performers. This has raised questions about how Salt Typhoon hackers, who have been accused of using sophisticated hacking techniques to breach network devices, managed to learn their skills from a program that is designed to educate IT students.
Cary believes that Qiu Daibing and Yu Yang's participation in the Cisco Networking Academy highlights a broader issue with the global availability of technology products and training programs. "It's just wild that you could go from that corporate-sponsored training environment into offense against that same company," he says.
Cisco has confirmed that its networking academy is open to everyone, and that it provides foundational technology skills and digital literacy. However, the company has also acknowledged that some individuals may be using the program for malicious purposes. When WIRED reached out to Cisco about Cary's findings, the company stated that it remains committed to helping people around the world gain the foundational digital skills needed to access careers in technology.
Cary's research highlights the complexities of cybersecurity and the need for greater cooperation between governments and technology companies to prevent cyber attacks. As China continues to expand its own surveillance state and restrict information sharing with the global community, experts warn that the risk of cyber attacks from Chinese hackers will only increase.
According to researcher Dakota Cary, who made the discovery, both men had participated in the Cisco Networking Academy Cup competition in 2012, where they ranked among the top performers. This has raised questions about how Salt Typhoon hackers, who have been accused of using sophisticated hacking techniques to breach network devices, managed to learn their skills from a program that is designed to educate IT students.
Cary believes that Qiu Daibing and Yu Yang's participation in the Cisco Networking Academy highlights a broader issue with the global availability of technology products and training programs. "It's just wild that you could go from that corporate-sponsored training environment into offense against that same company," he says.
Cisco has confirmed that its networking academy is open to everyone, and that it provides foundational technology skills and digital literacy. However, the company has also acknowledged that some individuals may be using the program for malicious purposes. When WIRED reached out to Cisco about Cary's findings, the company stated that it remains committed to helping people around the world gain the foundational digital skills needed to access careers in technology.
Cary's research highlights the complexities of cybersecurity and the need for greater cooperation between governments and technology companies to prevent cyber attacks. As China continues to expand its own surveillance state and restrict information sharing with the global community, experts warn that the risk of cyber attacks from Chinese hackers will only increase.
I'm telling ya, this is a huge security breach waiting to happen! 
If Qiu Daibing and Yu Yang can sneak out of Cisco's training program and become part-time hackers for Salt Typhoon, what other malicious actors are doing the same? 
It's like we're playing whack-a-mole with cyber threats - every time we think we've plugged a hole, another one pops up! 
The fact that they were able to rank among top performers in Cisco's program is just mind-boggling - it's like we're giving our enemies the keys to the kingdom! 
. It's like how we learn life skills, but sometimes we use them in ways that aren't exactly what they were meant for 
I'm not saying Cisco is to blame or anything, but they do need to be more careful about who's taking their courses and what they're using those skills for.
Cisco's networking academy is supposed to be about teaching people the basics of tech, not advanced hacking skills. This whole thing is just so shady, you know? 
The fact that these hackers were able to get their hands on this training and then use it against Cisco itself is just mind-blowing... I don't think anyone saw this coming! 
. But at the same time, you've got to wonder how this all happens in the first place 
? Anyway, I'm just glad Cisco is acknowledging the issue and saying they're committed to stopping malicious use 
. We need more of that kind of cooperation between tech companies and governments to prevent cyber attacks 
It's a tricky situation, but I guess it's just one of those things we have to deal with in today's cyber world.
We need better cooperation between governments and tech companies if we're going to stay one step ahead of hackers.
I swear it's like a taste explosion in your mouth 
I've been meaning to try it out for weeks, but I kept forgetting 
what's crazy is how much of a difference it makes - I can actually feel the caffeine kicking in instead of just sitting there 
️ anyway back to this Salt Typhoon thing... it's wild that someone would use their networking skills for evil 
. It just highlights the need for better security measures and cooperation between tech companies and governments, you know? We can't keep relying on one-size-fits-all solutions to tackle these issues. More needs to be done to prevent this kind of thing from happening again 
. it's like they took a degree in computer science and still thought they could just game the system... meanwhile, regular people are trying to learn how to protect themselves from all this 
. cybersecurity is not just about technical knowledge, it's also about ethics and accountability 