FTRCRP // SIGNALS
Under the Radar — Notes from Simen Bakke’s Lecture at Noroff
Calm room. 14:15 sharp. Screens flicker to life at Noroff, Mølleparken 4.
Simen Bakke from the Norwegian Police IT Unit walks in — calm, grounded.
His talk: “How China Uses Civilian Hackers and IT Companies for Cyber Operations.”
A title that sounds academic until he starts describing how ordinary companies become extensions of state-level capability — engineers, researchers, startups, all pulled into the machinery of cyber power.
He put faces to names like Wuhan (XRZ), APT31 and (Salt, Violet, Linen) Typhoon, even showed us the buildings where some of the IT businesses — front operations — reside, and with a smile invited us to visit them if we ever were in that part of the world.
The Signal
Simen Bakke, as Norwegian as he can be…. policeman, high-level threat analyst, Red Cross worker, humanist and well spoken… maybe even a patriot of sorts.
That’s the image presented, and I’m a believer.
I believe his research into China and the ongoing weaponization of zero-days by the Chinese government.
His breakdown of the decentralized intelligence structure the Chinese government uses hit hard.
Simen is telling a stark story about Chinese dominance in cyberspace — the cultivation of new hackers and technologists — and his statistics speak of a significant shift in Chinese policy.
It points to the deliberate weaponization of hacks, zero-days, and the likes… even more so in the OT / IoT realm, which is concerning.
I’m definitely going to dive into Cyber Makt and the other researchers he’s drawn from.
Key takeaways
- Civilian ≠ neutral. In modern geopolitics, hackers and IT firms can be conscripted into national strategy.
- The gray zone is the new battlefield. The line between peace and conflict is blurring; code, infrastructure, and narrative all count as weapons.
- Visibility beats paranoia. Understanding how these operations work is the first defence.
- Resilience is design. When asked about offramping from American cloud providers, he said: “You should design for it. No more papers or procedures — implement it.”
- Are we ready? When asked if Norway could handle a Ukraine-style cyberattack, his answer was quiet: “Not really.”
Reflection
When push comes to shove, I’m rooting for the home team… the Western world.
We have our flaws, we are not all that good but show me a successful better way than Western democracy and we can have a chat.
To this day there is no other good alternative, in my opinion.
Again, I’m just a measly IT student; who am I to have an opinion?
But I believe this battle begins here, down in the weeds, among us students, nerds, technologists, phreaks.
We’re about to get surpassed, or at least outnumbered.
The evidence is there… China at least wants to have the option to dominate, sabotage, blackmail, and influence the Western world.
That much is clear, and the world is shifting.
The U.S. is rambling in its demise, Asia is gaining ground, and Europe has become numb.
Simen was asked if we were ready for a cyberattack like the one Ukraine has faced since the Russian invasion.
He said, “Not really.”
Some students asked about offramping from American cloud providers — his answer: “You should design for it.”
No more policies or whitepapers — build it into the system itself.
But as he said, this will take years.
Look how reliant we are on Microsoft today.
It will take years.
Closing Signal
Bakke’s lecture was less about China than about us; how open societies protect themselves without turning paranoid, and how people like us: students, lab builders, ethical hackers — learn to think critically about where real power hides and resides.
I left the room quiet, inspired, and slightly more aware of how small labs fit into global equations.
That’s enough motivation for another night of packet captures and failed exploits.
— Mr 0 // Field Log 05.11.2025