Recently leaked documents from Chinese cybersecurity firm i-SOON provide an unprecedented look at China's extensive state-sponsored hacking operations.
The more than 500 leaked documents, which appear to be legitimate according to experts, detail various cyber espionage campaigns carried out by i-SOON on behalf of Chinese government agencies like the Ministry of Public Security. As KrebsOnSecurity reports, the documents illustrate "how Chinese government agencies increasingly are contracting out foreign espionage campaigns to the nation's burgeoning and highly competitive cybersecurity industry."
Specifics from the documents outlined by the AP reveal hacking tools used to spy on dissidents and ethnic minorities in China, as well as to monitor and influence narratives on foreign social media platforms like X/Twitter.
The capabilities described suggest "sophisticated hacking techniques and the exploitation of various vulnerabilities, likely including those found in critical infrastructure systems," said Callie Guenther, Senior Manager of Cyber Threat Research at Critical Start. "The specifics of the leaked capabilities that directly relate to these or other U.S. vulnerable systems were not detailed, but the broad scope of I-SOON's operations suggests a potential overlap with sectors identified as critical by the U.S. government."
Targets listed in the documents span Central and Southeast Asia, Hong Kong, and Taiwan. The varied nature of the attacks points to China's strategic approach of using cyber operations to control information and suppress criticism, even beyond its borders, experts say.
"China's much vaunted Great Firewall not only lets the government control and limit what citizens can access online, but this distributed spying apparatus allows authorities to block data on Chinese citizens and companies from ever leaving the country," reported KrebsOnSecurity.
The reason for the leak remains unknown, but disgruntled insiders are a prime suspect. The revelations are shedding light on a highly secretive sector.
Experts agree that China's state-sponsored hacking remains a serious national security threat that requires greater cooperation and investment to address. "The growing network of nation-state funded cybercriminals [underscores] the need for continued cybersecurity investment and international cooperation," said Darren Guccione, CEO of Keeper Security.