A data leak from a Chinese cybersecurity company has revealed the extent of its hacking activities for the Chinese government and its clients. The company, I-Soon, offered a range of services, from accessing foreign websites and databases to collecting personal information and running disinformation campaigns.
The leaked data, which was posted on GitHub last week, contained emails, images, documents and contracts that showed I-Soon’s involvement in cyberespionage operations in at least 20 countries and regions, including India, South Korea, the UK, Taiwan, Hong Kong and Malaysia. Some of the targets included immigration data, road-mapping data, call logs, social media accounts and online gambling firms.
The data also showed that I-Soon was working for various Chinese government entities that sponsor hacking, such as the Ministry of State Security, the People’s Liberation Army and the national police. The company also monitored the activities of ethnic minorities and dissidents in China, such as in Hong Kong and Xinjiang.
The data leak provides a rare insight into the secret world of China’s state-backed hackers for hire, who use private-sector talent and tools to support China’s aggressive cyberwarfare strategy. The leak also raises concerns about the security and privacy of data in the digital age, as well as the potential implications for international relations and human rights. 123
