Unpacking the Dark Web: Insights from the WireScreen and DarkOwl Webinar
On February 26, 2025, a critical yet understated webinar titled “China’s Commercial Hackers: Mapping the Hackers-for-Hire System” made waves among potential U.S. government clients. Presented by the WireScreen team, headed by Pulitzer Prize-winning journalist David Barboza’s outlet, The Wire China, in collaboration with the internet surveillance firm DarkOwl, this event offered a treasure trove of intelligence on cyber threats, particularly focused on Chinese operations. Key figures in the duo included the then-senior analyst Steph Shample from DarkOwl, who previously served as a threat intelligence analyst for a U.S. military intelligence agency.
The Webinar Context
The backdrop for this joint session was the mounting concern over cybersecurity threats emanating from China. Positioned as a “government-only event,” it aimed to illuminate how dark web intelligence could help identify and counteract these threats effectively. Attendees were promised deep insights into the intricate web of hackers-for-hire that China allegedly sponsors, further adding to the urgency of the discussion.
The monitoring of cyber threats presented was underscored by a glaring example: the massive Naz.API credential leak, which saw four plain-text passwords linked to employees of the Chinese cybersecurity firm ThreatBook discussed extensively by Shample. In her presentation, she emphasized the value of examining compromised passwords, asserting, “We love to look at passwords because you can get so much information from them.” This statement set the tone for a session where exploitation of compromised data stood center stage.
Spotlight on Key Contributors
Peter James, WireScreen’s director of training, began the session with a striking introduction of the platform, asserting its role as a leading data intelligence source focused on China. With over 14 million corporate profiles and 26 million individual profiles curated from a plethora of public data sources, WireScreen positioned itself as an indispensable tool for government agencies looking to glean insights into Chinese corporate operations and affiliations.
The expertise shared during the webinar hinted at the intricate relationship between media, government, and cybersecurity. James and Greg Roesch, head of federal sales for WireScreen, transitioned from roles in the cryptocurrency intelligence realm with Chainalysis, highlighting a trend of blending skills from different sectors to combat cybersecurity threats.
Unveiling Dark Web Intelligence
During the event, Shample’s remarks regarding DarkOwl’s collection capabilities behind the Great Firewall of China hinted at the firm’s extensive reach and resources, inviting attendees to engage in further inquiries. The gravity of the discussed leaks was accentuated when 18 different leaked passwords belonging to ThreatBook employees were revealed on-screen, illuminating a disturbing trend in the cybersecurity landscape.
But it wasn’t just about sharing findings; the reveal underscored a desperate need for governmental stakeholders to use such intelligence effectively. The vulnerabilities of major cybersecurity firms, particularly those scrutinized like ThreatBook, showcased the broader implications of data breaches that extend beyond corporate embarrassment to national security concerns.
The Intersection of Media and Intelligence
The narrative surrounding the webinar also painted a fascinating picture of the evolving landscape of media and intelligence. Barboza’s previous tenure at The New York Times, particularly his influential role in its Shanghai bureau, laid the groundwork for significant discussions regarding the integrity and independence of journalistic efforts. The establishment of The Wire China with substantial Pentagon contracts raised eyebrows about potential biases and the complex interplay between reporting and intelligence.
Moreover, the involvement of prominent figures like Jennifer K. Ewbank, who led the CIA’s digital innovation efforts post-Vault 7 disclosures, hinted at the profound interconnection between technology, surveillance, and national security. In a period where whistleblowers and revelations about espionage became increasingly public, having such influential figures on board added a layer of complexity to the discussions on integrity in intelligence efforts.
Lobbying and Future Budgetary Implications
The landscape of lobbying in the realm of cybersecurity was also a point of contention. WireScreen’s recently disclosed $135,000 lobbying effort through Revere Federal Strategies to influence 2026 budgets for U.S. military and intelligence agencies underscored the lengths such companies go to garner attention and funds for their capabilities. The implications of these efforts reflect a broader strategy to fortify U.S. defenses against perceived threats while simultaneously opening a dialogue on the funding of intelligence programs themselves.
A Glimpse into Advanced Defense
Adding further depth to the discussion, DarkOwl and WireScreen’s associations with various intelligence-aligned think tanks such as the 2430 Group and C4ADS signaled their commitment to marrying data analytics with actionable defense measures. Their joint goals of tracking Chinese acquisition of U.S. intellectual property and eliminating circumventions of U.S. sanctions were a clarion call for the necessity of integrated efforts across agencies to address sophisticated threats.
Webinars like this one encapsulate not only the alarming nature of cybersecurity challenges we face today but also the intertwined nature of journalism, intelligence, and commercial interests addressing those challenges. Understanding the nuances of who is behind the screens of platforms that monitor these threats is crucial as the battle against cyber adversaries continues to evolve.
This confluence of intelligence gathering and media reporting may serve to reshape public perception about who holds the keys to national security in an increasingly digital world. The events that unfolded during the webinar were a reminder of the highest stakes, as byproducts of such intelligence efforts could lead to significant ramifications not only in terms of security policies but also in the broader media narrative regarding espionage and national defense.
