The recent data breach at a Chinese cybersecurity company has revealed that national security agencies pay substantial amounts of money to collect information about a variety of targets, including foreign governments, while hackers gather vast amounts of data on individuals and organizations that might be of interest to their companies' potential customers.
A set of over 500 leaked files from the Chinese company I-Soon has been posted on the developer website GitHub, with cybersecurity experts confirming their authenticity. The targets discussed in the leaked files include NATO and the UK Foreign Office.
The leak provides an unprecedented glimpse into the world of Chinese-employed hackers, with Britain’s security chief describing it as a “significant” challenge for the country. The leaked files consist of chat logs, company prospectuses, and data samples, revealing the scope of China’s intelligence-gathering operations and highlighting the market pressures faced by Chinese commercial hackers in a sluggish economy.
I-Soon is believed to have collaborated with another Chinese hacking organization, Chengdu 404, which has been indicted by the U.S. Department of Justice for cyberattacks not only in the United States but also against companies in China and Hong Kong democracy activists.
Other targets discussed in the I-Soon leak include the British think tank Chatham House, public health agencies of ASEAN countries, and foreign ministries. The leak also indicates that certain data has been collected according to specifications, while in other cases special agreements have been made with the Chinese Public Security Bureau to collect specific types of data.
Chatham House has expressed concern over the leaked data, emphasizing the importance of safeguarding its data and information. Similarly, NATO has acknowledged the persistent cyber threats and stated that it is investing in large-scale cyber defense. However, the British Foreign Office declined to comment.
I-Soon’s services range from gaining access to email inboxes to hacking accounts, obtaining personal information from social media platforms, retrieving data from internal databases, and compromising various operating systems. The leaked files also suggest that the Chinese state is collecting as much data as possible.
The leaked documents further reveal that I-Soon has sought “anti-terrorism” support and has claimed to have obtained data from various organizations. They also include discussions about sales practices and the company’s internal situation.
The leaked data also includes screenshots and chat logs where employees discuss the company’s operations and the impact of the COVID-19 pandemic on their business. The company’s CEO expressed concerns about the loss of core staff, the subsequent impact on customer confidence, and the loss of business.
Source: www.theguardian.com