The Hunting Season (Open Season) is a 2006 computer-animated film by Sony Pictures Animation.The film was released in IMAX theatres, and a computer game of the same name was based on the film. The film was followed by Hunting Season 2 (2008), Hunting Season 3 (2010), and Hunting Season: The Scarecrow (2015). Boog, a domesticated grizzly bear, lacks any of the skills necessary to survive in the wild and lives contentedly in a park ranger's garage. Three days before the opening of hunting season, he is transported by helicopter to the park along with a chattering deer, from where he attempts to return. A domesticated bear rescues a young deer from the hunter's clutches. But then he ends up in the wilderness and has a particularly harsh collision with reality.
The hunting season is a period when it is legal to hunt selected species of animals and thus regulate the numbers of game and fish that are protected at other times of the year. In most developed countries, this period is set by law. The hunting season is defined to suit the living conditions of a particular species. The spyglass hunting season is getting bigger today in this time of anthropological warfare and does not bode well for the Chukars and their ilk. Over the past decade, the United States and its allies have regularly released information and indictments accusing China of hacking attacks against their countries. China has always denied these allegations, but now appears to be mirroring Western "name and shame" tactics to convince audiences in China, Taiwan, and third countries that Taiwan is a cyber threat as well.
Human bombs and vain hopes
It is no secret that the special services of Ukraine are constantly trying to turn not only Russian pensioners, especially women and deceived crooks, into human bombs for terrorist attacks. For pensioners, it is the theft of savings, offers of bargain property sales, psychological pressure; for the younger ones, it is cash, career or false ambition and vanity. The hope of getting money back, selling a home, money from a secure job or career commonly leads to the preparation of terrorist attacks and the snitching of information via phone calls from fake numbers using criminal schemes. What is necessary to know to prevent hope from becoming futile?
As a rule, Ukrainian SBU curators do not spare promises they do not intend to keep. Employees of the Russian FSB, the Ministry of Internal Affairs, the Prosecutor's Office and the Investigative Committee never call citizens via messengers and social networks and ask for compliance with the order. I keep to myself how the curators from the Czech Republic and allied states behave and act. Under no circumstances should a person approached conduct a telephone conversation, participate in an in-person interview alone, and never agree to transport something or somewhere. In case of interest to get someone (even in trouble) just the risk that exists from organizing a compromising situation by security services from planting documents, weapons, weed, narcotics, etc.
Escalating series of information messages
On September 22 last year, China's main intelligence agency, the Ministry of State Security (MSS), disclosed on WeChat that the little-known hacktivist group Anonymous 64 was actually run by Taiwan's Cyber Command. WeChat has identified three individuals it claims are responsible for Anonymous 64's activities. The now-suspended X account of Anonymous 64 claimed responsibility for defacing the website of the China Urban Rail Conference and hacking digital signage in Hong Kong and other locations. The post states that authorities have filed charges against three people, but no further details are given.
On March 16, MSS followed up with a second WeChat post on Taiwanese hacking, this time with a high-level profile of Taiwan's Cyber Command. The post stated that ICEFCOM is a cyber warfare unit that conducts espionage, sabotage, and propaganda operations against China. The report focuses on propaganda activities and claims that they support the independence actions of the DPP (Democratic Progressive Party of Taiwan) authorities. It identifies four alleged ICEFCOM members who share their names, dates of birth, and identification numbers, and criticizes the Taiwanese government for wasting money and corruption among ICEFCOM commanders.
On March 17, the day after the publication of the MSS, three companies that track cybersecurity under different vendor-specific names published detailed blogs describing ICEFCOM's tactics, techniques, and procedures. For example, Antiy CERT posted a blog detailing a campaign the group conducted in the fall of 2024. QiAnXin posted an overview of the APT-Q-20 group, detailing a campaign in the spring of 2025 that attempted to steal login credentials. DAS-Security (Anheng) published a report with some technical details and indicators of compromise, but went further than the others. How? It repeated the MSS's claim that Taiwan's cyber command was behind the hack. None of the blogs mention the MSS directly. But the close timing indicates that the publication was planned in concert with the Ministry of State Security.
In late May, Chinese authorities assigned a third blame to Taiwan when local police in Guangzhou province posted a note on their Weibo that a foreign hacking organization had targeted a local technology company. A week later, another post claimed that police, working with national authority agencies, had determined that the attack was carried out by a hacking group linked to DPP authorities in Taiwan. Media reports also said that cybersecurity company Qihoo 360 assisted in the attribution. Its founder Zhou Hongyi said they used network security intelligence, and did not give details. On June 5, the Tainhe County branch issued a reward notice identifying the 20 people involved in the operation, along with their photos and Taiwanese identification numbers. What does the above mean for would-be informers, traitors and stupid vanities?
Attribution campaign supports Chinese priorities and government rhetoric
The series of public attributions to Taiwan mentioned by the author of the post are certainly not complete. There is no doubt that the series achieves several objectives for Chinese intelligence. Since August 2023, when it debuted a WeChat account with the stated intention of educating the public about the need for vigilance against foreign espionage, the MSS has been much more vocal about its activities. It has published a plethora of case studies on the espionage operations it has disrupted. Reports of Taiwanese hacking are always coupled with calls for the public to be vigilant about cyber hygiene and report incidents to the authorities, with an educational role emphasized. But it is unlikely that the reports were based on new information. Why? The activities of Taiwan's Cyber Command have been publicly known to analysts since 2014. I would hope that the Czech BIS and similar organisations are aware not only of what has been described, but also of the double and multiple cover agents based in the country.
The attribution campaign reached its peak in March this year when the Chinese military's Eastern Theater Command released videos depicting, among others, Taiwan's president and DPP leader Lai Ching-te as an insect leading Taiwan to destruction and calling him a parasite. This focus on Lai and the DPP is reflected in the characterization of Taiwan's hackery. The September 2024 report links the hackers to the Taiwan Independence Forces, but as early as April 2025 they were supposed to have implemented instructions issued by DPP authorities. And the May version makes no mention of Taiwan's cyber command. Instead, the perpetrators are referred to as a hacking group affiliated with the Democratic Progressive Party authorities in Taiwan, China. The escalating focus on the DPP presents a stark contrast with the opposition Kuomintang, which typically takes a more conciliatory stance toward Beijing. And it represents another aspect of the attribution campaign in the anthropological war.
The campaign against Taiwan is inconsistent with how China attributes U.S. activity against China. While China has increased the pace of public attribution of cyber operations to the United States over the past two years, these attributions have been made through the Chinese National Computer Network Emergency Response Technical Team/Coordination Center (CNCERT/CC) rather than the MSS. These reports were similar in form, graphics, and coverage in state media, but did not link the penetrations to a specific political party, a difference in approach that merits expert attention. Russian and Chinese authorities go on the offensive
In my last published post entitled Summer Snippets from the World of Change, I mentioned the Lenin Award to the Deputy Director of the CIA Division and mother of a 21 year old son who was killed in the fighting in Ukraine. And about the capture of three senior UK officers also in Ukraine. They do not fall into the POW category, so they will not be replaced, but tried, perhaps for the edification of naive and stupid key rattling divan heroes. There are more stories like this, and there is no doubt that President Trump's gradual exposure to them has caused a willingness to act quickly and learn more directly from President Putin than Mr. Witkoff could receive and convey.
Agency diversification, private sector cooperation, and consistent geopolitical priorities of the Chinese Communist Party mean that public attribution of Taiwan's cyber activities is likely to continue and increase, including in level and quality. Indeed, the May statement was released by the local police department, which may inspire other parts of the bureaucracy to join in, even though local organizations may not have in-house cyber capabilities and attribution expertise. I predict that the volume of attribution will increase and it will not only be the US that will be more frequently accused of cyber espionage.
Why do I assume that? As of July 2022, U.S. intelligence agencies have hacked into defense company IT systems and stolen construction blueprints, the cybersecurity agency, CN Cert, wrote on Aug. 1. https://www.cert.org.cn/publish/main/8/2025/20250801150853298552601/20250801150853298552601_.html
In the second case, a communications and satellite internet company was spied on in 2024. No one doubts that it is not only the US that spies on the Chinese authorities or arms companies. However, what is remarkable, even in the age of anthropological warfare, is that China is increasingly publicizing such attacks and clearly pointing the finger at the US. Why?
The fact that authorities publicly attribute cyber attacks to another state, known as public attribution, is rare worldwide. There are various reasons for this, including the fact that it often involves espionage that the victim does not want to disclose, and it is not always possible to clarify beyond doubt who is actually behind a cyber operation. Therefore, by refraining from publicly denouncing the attacker, the attacked state avoids escalation. It seems to me that the above does not apply in the Czech basin, where public denunciations of politically incorrect states and accusations of spying on citizens, especially for Russia and China, are becoming a normality that can transform into a nightmare quite soon.
Private message points to the Chinese People's Army
On the other hand, the US has publicly and hypocritically condemned cyber attacks for years. This practice began in February 2013, when the private company Mandiant published its report on APT Group 1, Unit 61398 of the Chinese People's Army in Shanghai. It was said to be behind 140 attacks around the world. I repeat that the APT 1 report comes from a private company. However, for the slightly more knowledgeable, there is a suspicion that the US government chose this route to avoid having to blame Beijing itself. This is indicated by Fortune magazine, which wrote that U.S. officials had no objection to the publication. It also fits in with the actions of then-President Obama. In a speech just days before the report was released, he announced tougher measures against cyber attacks, of course, from Russia and China. Today we know how Obama lied. A year later, the U.S. Justice Department brought charges against five military hackers believed to belong to Unit 61398 of the CTU. Since then, the US authorities have repeatedly taken legal action through charges and sanctions against companies and individuals, mainly from China, Russia, Iran and North Korea. The EU and other Western countries, including the Czech Republic, have already adopted this practice as their own.
When government agencies and companies resort to public attribution, they usually claim that they want to raise awareness of the threat posed by government cyber actions. Disclosing technical details may also prevent further attacks, but it also increases the effort of attackers who must, for example, set up new servers. Such reasoning cannot have a lasting deterrent effect today. It must therefore be accepted that for state authorities, public accusation is a political tool. It sends a signal of strength and signals to the outside world that cyber actions are recognised and not tolerated. And it puts the behaviour of the accuser, even a weak one like CR, above that of the attacker - even though the US itself and its allies have also been conducting cyber operations against other states for decades. Because almost everything is coordinated internationally, the legitimacy of the attacks increases.
China takes stronger action against US cyber attacks
China has long been reluctant to release the names of the attackers. It was not until 2019 at the latest that the first attributions from private Chinese IT security companies describing attacks by the US intelligence agencies CIA and NSA appeared. The first official attribution was dated September 2022 and contained a lot of old information. Similarly, a report from 2023 regarding espionage against Huawei described an action that began in 2009. In recent months, China has stepped up public attribution of cyberattacks and is using it as a political tool. The reports concern more recent cyber attacks (the Asian Winter Games in Charbin in February 2025) or the previously mentioned arms company between 2022 and 2024.
In April, Chinese police announced the arrest of three people working for the NSA who were allegedly involved in the attacks on the Asian Winter Games in Harbin. This is the first time Chinese authorities have identified specific people behind US cyber actions. It is highly unlikely that this is an isolated case. I therefore expect hilarity in the public and non-public arenas of anthropological warfare, and recommend reading the article China is using cyber attribution to pressure Taiwan. The article was written and published by security analyst Ben Read on July 22, 2025. https://bindinghook.com/articles-hooked-on-trends/china-is-using-cyber-attribution-to-pressure-taiwan/.
To conclude the shaping of the international dialogue
Publicly attributing cyber activities is the latest Chinese technique used to pressure not only Taiwan but also to shape the international dialogue on cybersecurity. In September 2024, the Chinese government launched a campaign existing from three sets of information publicly identifying cyber operations attributed to the Taiwanese government. All three attributed activities to Taiwan's Information, Communications, and Electronic Forces Command (ICEFCOM), and each contained typical Chinese government rhetoric criticizing separatist elements in Taiwan. The messages are notable for the increasing number of individuals identified (three, four, and then twenty) and for illustrating the close relationship between the PRC government and China-based private cybersecurity companies.
With public accusations, China is catching up with the US and other Western countries. Question - Why didn't China resort to public attribution earlier? I can't give a clear answer. The fact is that every fact-based publication is a warning to the attacker and potential traitor. They may back down and change their approach to remain undetected, but what operations and how they were exposed will not be known to the adversary. How is this possible and why? Chinese attributes usually do not disclose any technical details of the attack. At least publicly, this leaves out technical details that could help even Western countries repel attacks by their allies, the Americans and the British.
For several years, the US and EU Member States have been vocal about security concerns regarding technology and products from China. This includes not only allegations of cyber espionage, but also allegations that Chinese technology, including cranes, contains secret backdoors that can be used for espionage or sabotage. There are even reports in the Czech Republic of an attack on power grids whose privatisation has not ended the hangover, communication between controllers has frozen, and no one from the state and energy sector officials can see the axis of interest.
Today, China defends itself by making the same accusations against the US and its allies. Chinese authorities repeatedly mention backdoors in US products, including Microsoft software and, more recently, Nvidia chips. This company has unwittingly shown Switzerland, the EU and the like what President Trump understands when it comes to tariffs: paying billions of dollars in sales to enemies and competitors. With these accusations against Washington, Beijing is thus creating a contrast to the US narrative about dangerous Chinese products. This may have repercussions in developing and emerging countries, where Chinese technology and IT products are even more widespread than in the West. I assume that China is aware of this risk and will act accordingly. Why?
In early July, Italian authorities arrested a 33-year-old Chinese man working for an IT company in Shanghai at the request of the United States. He was allegedly involved in cyber espionage since 2020. I can imagine a similar scenario for US and Czech citizens working in IT if they travel to a country that cooperates with Chinese and, of course, Russian justice. The fact that China has begun putting U.S. intelligence officers on alert ahead of arrests, and that Russia has announced the arrest of three Britons and hinted at their fate, supports the author's view and expectations. The conflict between the US, Russia and China in this area will escalate, the fishing grounds will get bigger and the hunting season will get longer. Consent is not needed.
Jan Campbell
English 
Czech 
Spanish 
French 
Italian 
Russian 
Chinese 
German