Chinese state institutions issue rewards for finding the cybersecurity vulnerabilities in software that is often used by foreign governments, in what may be a subtle new form of state-backed cyber warfare. At the same time, China is promoting young cybersecurity engineers in a doubling of its efforts to probe foreign systems for areas the Chinese government can exploit.

The new law has effectively changed the landscape of online network security within China, according to cybersecurity analyst Dakota Cary, who last week told The Record podcast—run by cybersecurity company Recorded Futures—that any business operating within its borders must report coding flaws to the government before taking any further steps to address the vulnerability or make it known to the public.