Cybersecurity experts in the United States and nations across Asia and around the world have been studying a trove of documents from iSoon, a state-linked hacking group based in Shanghai.
Experts have said the more than 570 files, images and chat logs posted on GitHub last week are credible, although little is known so far about who the source of the data was.
iSoon has been described as one of a range of firms that state agencies use to collect data. The documents reveal that Chinese intelligence, military and police often hire private contractors to conduct online intrusions against both foreign governments and companies, plus local targets seen as a threat to national security.
The data gives unprecedented insight into China’s hacking campaigns and appears to confirm repeated warnings by FBI director Christopher Wray about the vast scale of Beijing’s hacking operations, as well as its threat to critical infrastructure.
Wray told a security conference in Munich last weekend that China’s hacking efforts were larger than those of “every major nation combined,” according to a New York Times report on Thursday (Feb 22), which said China had built a web of independent companies to boost the cyber operations of its intelligence services.
Information sought from targets in 20 countries
The leaked documents detail contracts and targets in about 20 countries and foreign governments, such as India, Taiwan, South Korea, Hong Kong, Thailand, Malaysia and the United Kingdom.
iSoon gathered a large cache of road-mapping data from Taiwan, which analysts said would be useful in the event of a Chinese invasion, plus immigration data from India and call logs from South Korea’s LG U Plus telecom group.
It also targeted telecom firms in Kazakhstan, Mongolia, Nepal, Malaysia, Hong Kong and Taiwan.
Information was also sought on many of China’s neighbours in Southeast Asia. Ten government agencies in Thailand, “including the country’s Foreign Ministry, intelligence agency and Senate” were targeted between 2020 and 2022, according to the Washington Post.
The hackers even sought information from close allies like Cambodia and Pakistan.
Curiously, the data contains files of complaints from workers unhappy about their workload and payment (less than $1,000 a month). That has led to a suspicion that a disgruntled former employee may have posted the files on GitHub, while others have suggested it could be the work of a rival hacking group.
The files also indicate the constant struggle that America’s tech giants such as Microsoft, Apple and Google face from hackers, in China and worldwide.
China is also waging a huge surveillance campaign to monitor social media domestically, as well as trawling and responding to posts on Facebook and X (Twitter) that can be seen worldwide.
One of iSoon’s “products” was a $55,600 package to manipulate or “manage” discussions on X (Twitter).
And all of this comes at a time when Julian Assange, the Australian activist who founded WikiLeaks, the most infamous recipient of hacked data, faces a London court over whether he will be extradited to the US.
Assange has become a cause celebre in the UK, Europe and in his homeland. Politicians from all parties in Canberra have appealed to Washington to allow him to return home.
- Jim Pollard