When This “Red Boy” Grows Up, AI-Based Tool 360GPT Could Give China an Edge in Cyber Conflict
Will 360GPT boost Qihoo 360’s network defense capability? It is still too early to tell, but company founder and CEO Zhou Hongyi has been a key tech tycoon honing China's cyber warfare readiness.
On April 6, Zhou Hongyi (周鸿祎), the founder and CEO of Qihoo 360, the largest cyber security company in China, boasted at a local digital development forum that the company’s 360 Brain of Security, allegedly “the world’s largest distributed intelligence security system,” will incorporate Generative Pre-trained Transformers (GPT), an artificial intelligence (AI) tool, to defend clients against network attacks. Zhou touted GPT as a productivity enhancement tool that will unleash a new industrial revolution. Indeed, he said, all software, applications, and websites ought to be reinvented with GPT’s capability. Zhou revealed that Qihoo 360 has the world’s largest pool of security big data. This data advantage, together with GPT’s knowledge, understanding and reasoning ability and the company’s existing Brain of Security system, will enable Qihoo 360 to excel in defending clients against network attacks in the future.
Meet 360GPT, the Red Boy
Zhou Hongyi is the first Chinese tech tycoon to announce an intention to introduce GPT AI into information security systems. Zhou calls this 360’s “two wings flying together” strategy – developing core algorithms while actively seizing the moment to apply AI technology to the cybersecurity field. Chinese media speculated whether Zhou’s enthusiastic embrace of ChatGPT was his attempt at a “second spring” for his career, since his recent divorce transferred $1.3 billion worth of Qihoo 360 shares to his ex-wife. However, Qihoo 360’s announcement in February that it is developing 360GPT, its own variant of the technology that American company OpenAI made famous with the ChatGPT bot, has been driving investor interest. Qihoo 360 stock shares rose continuously from February to April.
On March 29, Zhou couldn’t wait to show off 360GPT at a digital security development forum hosted by Qihoo 360. The demo did not go smoothly because the tool often made errors when answering specific questions. Zhou showed a slight awkwardness, saying this was not an official product launch but rather a prototype demonstration to satisfy people’s curiosity. It was like a newborn baby that friends and family want to meet. “We still have to cuddle the baby back home and let the baby continue to grow.” Online chat participants humorously called 360GPT “Red Boy,” portraying it as Zhou’s baby; Zhou wears red polo shirts at public events and calls himself Uncle in Red (红衣大叔). Industry insiders call him “the Cardinal.”
It is unclear whether 360GPT will increase Qihoo 360’s capability in network defense. Regardless of whether Zhou Hongyi’s hyping of ChatGPT is a business strategy, an evaluated cyber defense capability improvement, or an attempt to show the Chinese government that he and his company can do more, Zhou has been one of the most outspoken persons about the risk and threat of cyber warfare China faces and how to prepare for it. Zhou represents private sector elites in China actively participating in the process of building China’s offensive and defensive cyber capabilities.
Zhou: The Era of Cyber Warfare has Come
Zhou claims that he was prescient in announcing as early as 2016 that the world had entered the era of cyber warfare, although some people scoffed at him at that time. In September 2017, at the 5th China Internet Security Conference (ISC), Zhou Hongyi proposed a new concept of “an Era of Big Security” (大安全时代) where cybersecurity extends to all security matters both online and offline. Zhou pointed out the important forthcoming developments in the era of big security are that cyber warfare is unavoidable and that vulnerabilities are weapons of cyber warfare. Cyber warfare is a people’s war (人民战争) [1], meaning it centers around people and will be a long-term war. Zhou further explained that the essence of cyber warfare is vulnerability, a flaw or weakness in an IT system that can be exploited. This concept goes beyond technical vulnerabilities in software and encompasses broader weaknesses in whole networks. Understanding these network vulnerabilities is equivalent to mastering the basic resources for building a network of weapons. Indeed, said Zhou, vulnerabilities should be considered as national strategic resources.
Zhou’s company, Qihoo 360, controls powerful offensive and defensive resources in that it actively discovers and develops exploits for network vulnerabilities. In a July 2018 interview, Zhou Hongyi boasted that, even if the US prides itself on its cyber advantage, Qihoo 360’s cyber defense and offense capability is “not weak.” He and his company have been advising the Chinese government on how to prepare for a cyberwar. Zhou added that China’s main disadvantage in a cyberwar is its heavy dependence on foreign technology, especially US technology, such as chips, software, hardware, operating systems and internet protocols.
In September 2019, at the 7th China ISC, Zhou Hongyi gave another speech to emphasize that critical infrastructure has become the core battle ground of cyber warfare.
In August 2020, in an interview with the Chinese state news source Global Times, Zhou claimed that cyber warfare is the number one security threat facing China. He called on the country to have a national strategic plan for cyber warfare. When asked how to prepare for cyber warfare, Zhou suggested that China do the following:
build big data networks so as to discover enemies’ cyber operations.
establish intelligence standards for finding vulnerabilities and patching them.
develop intelligence standards for offensive and defensive threats.
strengthen security talent training to foster experts who have the ability to conduct cyber warfare.
and lastly, focus on accumulating network attack and defense knowledge to master adversaries’ attack methods.
Openly Alleging US Nation State Attack Activity and Backdoor Tools
As the tensions between the US and China continue, China’s intention to position the US as a cyber aggressor has been on the country’s agenda. One method used was to openly call out US hacking activities. Qihoo 360 is one of a few information security firms picked by the Chinese government to execute it.
Qihoo 360 reports called out US hacking activities three times in the past three years:
March 3, 2020: It reported that the US Central Intelligence Agency hacked Chinese critical industries for 11 years between September 2008 and June 2019. The report drew from the so-called Vault 7 materials, a dump of cyber tools that a CIA insider leaked in 2017. Qihoo 360 identified the CIA group that developed the tools as APT-C-39 and focused particularly on one of the Vault 7 tools, the Fluxwire backdoor.
March 2, 2022: It drew on leaked documents to describe the tools and attack systems associated with APT-C-40, its name for a group it attributed to the US National Security Agency (NSA).
September 2022: It claimed APT-C-40 used 41 types of cyber weapons to breach and steal a “large amount of sensitive data from China’s Northwestern Polytechnic University,” which self-describes as a research-focused institution with disciplines in aeronautics, astronautics, and marine technology engineering.
After Qihoo 360 released the September 2022 report, Zhou Hongyi called for establishing a national hacking weapon “gene bank.” As cyber warfare becomes a mainstream confrontation between major powers, he noted, cities and critical information infrastructures have become prime targets for attack. Zhou claimed that in the past 10 years, Qihoo 360 has captured 30 billion attack samples and established the world’s largest security big data and sample database.
Qihoo 360’s ability to compile a massive database and work toward an attack sample “gene bank” may have been facilitated by its government collaboration. The company’s 360 Brain of Security systems benefit from collaboration between Qihoo 360 and the 3rd Research Institute of the Ministry of Public Security (MPS). In September 2019, about a year after Qihoo 360 launched 360 Brain of Security, the company signed a cooperation agreement with the MPS.
In May 2020, after the first Qihoo 360 report about the alleged CIA hacking activities, the US Commerce Department added Qihoo 360 to its list of entities with whom US companies need a special license to trade. In a Chinese media interview, Zhou said the US action against Qihoo 360, the first ever such penalty against an information security company, was because of the report. Qihoo 360’s publication of the report exposed the company’s detection and analysis capabilities; indeed, he said, the company “has collected 30 billion cyberattack samples worldwide over the past decade. The US probably thinks we know too much.”
Currently, Qihoo 360’s 360GPT technology seems still immature, as shown in Zhou Hongyi’s March 29 demo. However, Zhou and his company will not likely stop exploring the uses of AI technology to enhance both defensive and offensive cyber tool kits. As Zhou said, “the enemy is already with us, so do not seek to establish the Maginot Line.” Cyber warfare has come.
[1] People’s war is a military-political strategy first developed by Mao Zedong, the first Chairman of the Chinese Communist Party and President of the People’s Republic of China. People’s war is centered on maintaining the support of the population and preparing for a protracted war.