Press Announcement

WireScreen Special Report Reveals Deep Military Ties Behind Chinese Cybersecurity Firm KnownSec

New analysis links commercial cyber defense tools to PLA cyber operations, challenging assumptions about “private” vendors in China’s cyber ecosystem

WASHINGTON, D.C. — January 29, 2026 — WireScreen today released a new special report, The KnownSec Files: How a Commercial Security Giant Feeds China’s Offensive Cyber Machine, detailing extensive structural, financial, and operational ties between the Chinese cybersecurity firm KnownSec (知道创宇) and China’s military cyber apparatus.

The report combines analysis of a November 2025 leak of more than 12,000 internal KnownSec files with original corporate ownership, investment, and procurement data from the WireScreen platform. Together, the findings offer one of the clearest public illustrations to date of how China’s commercial cybersecurity sector functions as an extension of state cyber power.

Key Findings

  • State-backed control: KnownSec is underpinned by state-linked capital tied to China’s cyber and defense apparatus, with Tencent-affiliated entities holding nearly 20% ownership.
  • Direct PLA support: A wholly owned subsidiary, Beijing KnownFuture, serves as a conduit between KnownSec and the People’s Liberation Army (PLA), securing dozens of contracts with PLA cyber units, including the Cyberspace Force and former Unit 61398 (APT1).
  • Commercial data weaponization: Data collected through ostensibly defensive commercial products appears to be repurposed for offensive cyber operations and pre-positioning against foreign critical infrastructure.
  • No meaningful private boundary: The findings demonstrate that China’s commercial cybersecurity sector functions as an extension of state and military cyber power, erasing the distinction between private vendors and government operators.

Why It Matters

“The KnownSec Files demonstrate that the line between commercial cybersecurity vendors and state cyber actors in China is effectively nonexistent,” said John Costello, Director of Strategic Affairs at WireScreen and author of the report. “This carries serious implications for vendor risk management, supply-chain security, and national cyber defense.”

The report warns that reliance on Chinese cybersecurity vendors may inadvertently expose sensitive operational data—particularly across energy, telecommunications, transportation, and government sectors—to China’s military intelligence ecosystem.

Read the full report: The KnownSec Files: How a Commercial Security Giant Feeds China’s Offensive Cyber Machine

About WireScreen

WireScreen is a leading China-focused risk intelligence platform dedicated to bringing transparency to global business. By combining advanced data technology with deep regional expertise, WireScreen helps professionals uncover hidden ownership, identify risk, and understand corporate influence at scale.

Media Contact

Krassi Genov
Head of Marketing, WireScreen

krassi.genov@wirescreen.ai

www.wirescreen.ai

WireScreen red logo
About UsOur StoryPress
Resources
BlogWebinarsReportsFrom the CEOBIS 50% Rule
ProductCareers
Request a demo
envelope
info@wirescreen.ai
Linkedin iconTwitter X logo
Terms of ServicePrivacy PolicyConflict of Interest Statement
©️ 2026 WireScreen