A significant data breach from a Chinese cybersecurity company has offered a rare glimpse into the inner workings of Beijing-linked hackers.
Analysts suggest that the breach contains valuable information about the day-to-day operations of China’s hacking program, which the FBI claims is the largest globally. I-Soon has not yet verified the authenticity of the leak and has not responded to requests for comment. As of Friday, the leaked data has been taken down from GitHub, where it was originally posted.
From staff complaints about salaries and office rumors to claims of infiltrating foreign governments, here are some key insights gathered from the leak.
Who was targeted in the hack?
I-Soon employees were actively seeking high-profile targets on a daily basis.
The leak exposed that government entities in countries neighboring China, such as Kyrgyzstan, Thailand, Cambodia, Mongolia, and Vietnam, had their websites and email servers breached. The targets ranged from British government departments to Thai ministries. I-Soon staff also claimed to have gained access to communication service providers in various countries. They specifically mentioned targeting the Indian government, viewed as Beijing’s geopolitical rival, and accessing educational institutions in Hong Kong and Taiwan. However, they acknowledged difficulty in accessing data seized from government agencies in Myanmar and South Korea.
Additional targets included domestic entities from Xinjiang to Tibet, covering topics from illegal activities to gambling establishments.
Who were I-Soon’s clients?
Based on the leaks, most of I-Soon’s customers were local police departments and state security agencies responsible for safeguarding the Communist Party against perceived threats to its authority. The company offered assistance in securing devices and communications, with many contracts listed as non-confidential.
There were indications of official corruption, with discussions of kickbacks in sales to law enforcement agencies. Complaints about business challenges in regions like Xinjiang were also highlighted.
The leak mentioned the company’s focus on creating Trojans, compiling personal information databases, and developing technology for various hacking purposes.
Who are the hackers?
The leak sheds light on the daily operations at mid-sized Chinese cybersecurity firms, revealing internal issues like office politics, technical shortcomings, low pay, and customer retention challenges.
Employee conversations included complaints about management decisions, such as extravagant purchases and salary disputes.
The leak illustrates a less flattering side of the operations at these companies, showcasing a mix of competence and ethical concerns.
Source: www.theguardian.com