Leaked Files Show the Secret World of China’s Hackers for Hire, (NYT).


Just in three days, our team achieved an impressive milestone, surpassing all expectations and demonstrating our dedication and resilience.

Thank you very much for your kind words and thoughtful expression of gratitude!

Check out the article from Energy Central at www.energycentral.com for more helpful information about the changing energy industry.

In December 2023, Energy Central celebrated top contributors in the Energy & Sustainability Network at the 'Top Voices' event. Winners were featured in 6 articles, demonstrating community recognition. The platform enables professionals to share their work, interact with colleagues, and collaborate with influencers. Congratulations to the 2023 Top Voices: David Hunt, Germán Toro Ghio, Schalk Cloete, and Dan Yurman for demonstrating their expertise. - Matt Chester, Energy Central


 

Andrés Gluski, CEO of The AES Corp., stresses decarbonization challenges and innovation for renewable energy. AES supplies renewables to tech firms with ambitious sustainability goals, leading change in energy sector. Innovative tech, like 24/7 hourly match renewable product, drives sustainable energy practices and reduces environmental impact. Recognized for community engagement and commitment to climate action for a sustainable future.


Image by Germán & Co 

China is relying more on private companies to hack foreign governments and regulate its citizens

NYT By Paul Mozur, Keith Bradsher, John Liu, and Aaron Krolik. Paul Mozur reported from Taipei, Keith Bradsher from Beijing, John Liu from Seoul, and Aaron Krolik from New York on February 22, 2024. 

A cache of documents from a Chinese security firm working for Chinese government agencies showed an extensive effort to hack many foreign governments and telecommunications firms, particularly in Asia, as well as targets of the country’s domestic surveillance apparatus.

The documents, which were posted to a public website last week, revealed an eight-year effort to target databases and tap communications in South Korea, Taiwan, Hong Kong, Malaysia, India and elsewhere in Asia. The files also revealed a campaign to monitor closely the activities of ethnic minorities in China and online gambling companies.

The files included records of apparent correspondence between employees as well as lists of targets and materials that showed off cyberattack tools. The documents came from I-Soon, a Shanghai company with offices in Chengdu. Three cybersecurity experts interviewed by The Times said the documents appeared to be authentic.

Taken together, the leaked files offered a look inside the secretive world of China’s state-backed hackers for hire. They underscored how Chinese law enforcement and its premier spy agency, the Ministry of State Security, have reached beyond their own ranks to tap private-sector talent in a global hacking campaign that United States officials say has targeted American infrastructure and government.

“We have every reason to believe this is the authentic data of a contractor supporting global and domestic cyber espionage operations out of China,” said John Hultquist, the chief analyst at Google’s Mandiant Intelligence.

Mr. Hultquist said that the data showed that I-Soon was working for a range of Chinese government entities that sponsor hacking, including the Ministry of State Security, the People’s Liberation Army, and China’s national police.

“They are part of an ecosystem of contractors that has links to the Chinese patriotic hacking scene, which developed two decades ago and has since gone legit,” he added, referring to the emergence of nationalist hackers who have become a kind of cottage industry.

The files showed how I-Soon could draw on a grab bag of technologies to operate as a hacking clearinghouse for branches of the Chinese government. At times the firm’s employees focused on overseas targets, and in other cases they helped China’s feared Ministry of Public Security surveil Chinese citizens domestically and overseas.

Materials included in the leak that promoted I-Soon’s hacking techniques described a technology built to break into Outlook email accounts and another that could control Windows computers, supposedly while evading 95 percent of antivirus systems. I-Soon bragged about having access to data from a range of governments and companies in Asia, including Taiwan, India, Nepal, Vietnam and Myanmar. One list showed extensive flight records from a Vietnamese airline, including travelers’ identity numbers, occupations and destinations.

At the same time, I-Soon said it had built technology that could meet the domestic demands of China’s police, including software that could monitor public sentiment on social media inside China. Another tool, built specifically to target accounts on X, could pull email addresses, phone numbers and other identifiable information related to user accounts.

In recent years, Chinese law enforcement officials have managed to identify activists and government critics who had posted on X using anonymous accounts from inside and outside China. Often they then used threats to force X users to take down posts that the authorities deemed overly critical or inappropriate.

China’s foreign ministry had no immediate response to a request for comment. X did not respond to a request seeking comment. A spokesman said the South Korean government would have no comment.

“This represents the most significant leak of data linked to a company suspected of providing cyberespionage and targeted intrusion services for the Chinese security services,” said Jonathan Condra, the director of strategic and persistent threats at Recorded Future, a cybersecurity firm. Analysis of the leak would give new insights into how contractors work with China’s government to carry out cyberespionage, he added.

The Chinese government’s use of private contractors to hack on its behalf borrows from the tactics of Iran and Russia, which for years have turned to nongovernmental entities to go after commercial and official targets. Although the scattershot approach to state espionage can be more effective, it has also proven harder to control. Some Chinese contractors have used malware to earn ransoms from private companies, even while working for China’s spy agency.

Over the past year U.S. government officials have repeatedly warned of Chinese hacking efforts. In late January, Christopher A. Wray, director of the Federal Bureau of Investigation, described an extensive campaign to target American infrastructure, including the power grid, oil pipelines and water systems, in the event of a conflict with Taiwan. Last year it emerged that the email accounts of a number of U.S. officials, including Nicholas Burns, the U.S. ambassador to China, and Commerce Secretary Gina Raimondo, had been hacked.


Cooperate with objective and ethical thinking…

We aim to provide high-quality, accurate information. Your support keeps us independent and our journalism balanced. Donate 2 euros or any amount to help us continue delivering precise, well-researched articles. Thank you for standing with us. -The Team


If you require assistance with political, corporate communication, public relations, or crisis management uncertainties, please feel free to reach out to Germán & Co.

Our dedicated expertise is available for a fee of 99.9 Euros, guaranteeing a prompt response within eight hours and upholding the highest levels of confidentiality.

Take advantage of the opportunity to leverage our expertise and experience.


Previous
Previous

Finance Ignores the Climate Crisis. Latin America Fails in Sustainable Budgets…

Next
Next

"Why don't you shut up?" Your marriage is a tool of pride and evil to infinity; how will you survive now?