The man is a freelance security consultant with ties to the Chinese government and military. The Chinese government had access to his work, although the man stated he "would rather not have uniformed guys looking over his shoulder, but there is no way anyone of his skill level can get away from that kind of thing," according to one analyst.This development makes it even more difficult for the Chinese government to deny involvement in the attacks.
The hacker, if he can even be called such, posted bits of his code to a hacking forum as a work in progress. Although this man did write the code, which exploited a security loophole in IE6, he does not work full-time for the government. He didn't launch the attacks himself, and the U.S. cybersecurity team that tracked him down said that he didn't want his work to be used for attacks of this nature and magnitude.
The spyware's launch was traced to computers at Shanghai Jiaotong University and Lanxiang Vocational School, the first of which counts former government cybersecurity experts among its staff. Both institutions have denied involvement in the attacks.
As U.S. officials continue their investigation, cybersecurity folks and others familiar with the situation wonder at how this series of attacks positions China in the international sphere. Does this news signal the beginning of a new East v. West cold war? Let us know your thoughts in the comments.