This post is adapted from the Cyberdefense Report "Before Vegas: The ‘Red Hackers’ Who Shaped China’s Cyber Ecosystem," published in July 2025 by the Center for Security Studies (CSS) at ETH Zurich, Switzerland.

In our last piece, we showed how truly elite offensive cyber talent has always been scarce, even within China’s massive hacker communities of the 2000s. But how did this small circle of talent actually develop offensive capabilities? In China, these fall under the broader category of “live-fire” capabilities (实战能力),1 i.e. the ability to apply tools and techniques such as penetration testing, security operations, and incident response. As we discussed here, here, and here, hacking contests, bug bounty platforms, and cyber ranges have become core pillars of China’s modern live-fire talent pipeline. Today, these mechanisms are deeply institutionalized across universities, companies, and state-backed initiatives, serving as the backbone for identifying and training skilled operators.