Cisco Hacking Duo May Have Trained at Cyber School
Estimated read time 4 min read
Posted in Cybersecurity

Cisco Hacking Duo May Have Trained at Cyber School

Key Takeaways

  • Two alleged members of the Chinese state hacking group Salt Typhoon, Yu Yang and Qiu Daibing, were former attendees of the Cisco Networking Academy Cup in 2012.
  • The Cisco Networking Academy Cup is a training initiative that provides foundational cybersecurity skills to participants, which may have inadvertently helped Yu and Qiu develop their offensive capabilities.
  • The campaign carried out by Salt Typhoon led to compromises of at least 80 global telecoms companies, allowing China to snoop on secret communications between elected officials and US law enforcement.
  • There is no evidence to suggest that Cisco or its academy cup played a direct role in Yu and Qiu’s later work as cyberspies for Beijing.
  • The findings highlight the importance of vendors being aware that knowledge of offensive capabilities may be in enemy hands, especially when offering local training in geopolitically unfriendly regions.

Introduction to Salt Typhoon and Cisco Networking Academy
The Cisco Networking Academy Cup is a training initiative that has been running since 1997, with the goal of providing foundational cybersecurity skills to participants. Recently, a security researcher specializing in tracking China threats claimed that two members of the Salt Typhoon hacking group, Yu Yang and Qiu Daibing, were former attendees of the Cisco Networking Academy Cup in 2012. This revelation has raised questions about the potential risks of providing cybersecurity training to individuals who may later use their skills for malicious purposes.

The Link Between Yu, Qiu, and the Cisco Networking Academy Cup
Yu Yang and Qiu Daibing, two alleged members of the Chinese state hacking group Salt Typhoon, were found to have participated in the Cisco Networking Academy Cup in 2012. The researcher, Dakota Cary, discovered that Yu and Qiu represented Southwest Petroleum University in the competition, with Yu’s team placing second in the Sichuan region and Qiu’s team winning the regional competition and later placing third nationally. This link between Yu and Qiu’s participation in the Cisco Networking Academy Cup and their later involvement in Salt Typhoon’s hacking activities has sparked concerns about the potential risks of providing cybersecurity training to individuals who may later use their skills for malicious purposes.

The Impact of Salt Typhoon’s Campaign
The campaign carried out by Salt Typhoon, which was first publicized in 2024, has been described as one of the most severe and sensitive cybersecurity breaches in US history. The group’s hacking activities allowed China to snoop on secret communications between elected officials, US law enforcement’s CALEA requests, and more. The campaign resulted in the compromise of at least 80 global telecoms companies, highlighting the significant threat posed by Salt Typhoon’s activities.

The Role of Education Initiatives in Cybersecurity
The findings of the researcher, Dakota Cary, highlight the importance of considering the potential risks of providing cybersecurity training to individuals who may later use their skills for malicious purposes. While the Cisco Networking Academy Cup itself is not cause for concern, the fact that Yu and Qiu were able to develop their offensive capabilities through their participation in the program raises questions about the effectiveness of education initiatives in preventing cybersecurity threats. Cary noted that any vendor offering local training in geopolitically unfriendly regions should be aware that knowledge of offensive capabilities may be in enemy hands.

Conclusion and Recommendations
The revelation that two alleged members of the Salt Typhoon hacking group were former attendees of the Cisco Networking Academy Cup has significant implications for the cybersecurity industry. The findings highlight the importance of considering the potential risks of providing cybersecurity training to individuals who may later use their skills for malicious purposes. To mitigate these risks, vendors should be aware of the potential for knowledge of offensive capabilities to be in enemy hands, especially when offering local training in geopolitically unfriendly regions. Additionally, the findings suggest that educational background is not a reliable predictor of workplace capability, and that offensive teams may benefit from sending their own people through similar training initiatives. Ultimately, the story of Yu and Qiu serves as a reminder of the need for vigilance and caution in the cybersecurity industry, and the importance of considering the potential risks and consequences of providing cybersecurity training to individuals who may later use their skills for malicious purposes.

You May Also Like

More From Author

Peter Greene, Star of ‘Pulp Fiction’ and ‘The Mask’, Dies at 60

Peter Greene, Star of ‘Pulp Fiction’ and ‘The Mask’, Dies at 60

Politics in Turmoil: Rise of Reform and Labour’s Decline

Politics in Turmoil: Rise of Reform and Labour’s Decline

Leave a Reply

Your email address will not be published. Required fields are marked *

Trending Today