A Chinese cybersecurity company has asserted its capability to breach the UK’s Foreign Office, as per leaked documents.
The leaked i-Soon data contains information on UK government agencies, think tanks, businesses, and charities. Additionally, the documents suggest successful breaches of public bodies and businesses across Asia and Europe, although it remains uncertain if any were compromised.
The identity of the leaker remains undisclosed.
China’s UK embassy stated it was unaware of the leak and emphasized that China “firmly opposes and combats all forms of cyberattacks in accordance with the law.” However, Chinese authorities, along with i-Soon, are reportedly investigating the data dump, according to the AP news agency.
i-Soon, a private firm offering cybersecurity services to China’s military, police, and security agencies, operates with fewer than 25 employees at its Shanghai headquarters. On February 16, a collection of 577 documents and chat logs was leaked on GitHub, indicating the authenticity of the breach according to three security researchers interviewed by the BBC.
The leaked files expose eight years of i-Soon’s efforts to extract data and infiltrate systems across the UK, France, and various Asian locations including Taiwan, Pakistan, Malaysia, and Singapore. Among the revelations, one government entity in southwest China paid approximately $15,000 (£11,900) to gain access to the Vietnamese traffic police website. In another instance, software designed for running disinformation campaigns on X, previously known as Twitter, was priced at $100,000 (£79,000).
In an undated chat log, “Boss Lu” and an unnamed user discuss targeting the UK Foreign Office, with the latter claiming to have identified a software vulnerability. However, Boss Lu redirects the focus to another organization, citing the awarding of the contract to a rival contractor.
In another chat exchange, a user forwards a list of UK targets to i-Soon, including the British Treasury, Chatham House, and Amnesty International.
“We don’t currently have this information readily available, but we can start compiling it,” responds the recipient.
They then deliberate on the possibility of securing prepayment from their client for the undisclosed details regarding the targets.
Additional chat records reveal discussions among i-Soon staff regarding contractual matters involving Jens Stoltenberg, the Secretary General of NATO.
John Hultquist, Mandiant Intelligence’s chief analyst, suggests that the leaks provide a rare glimpse into a “commercially-fuelled, high-stakes intelligence operation.”
He further notes that the data illustrates how contractors cater to “not just one agency, but multiple agencies simultaneously.”
Various motives could drive the data leak, experts suggest. It might stem from a disgruntled ex-employee, a foreign intelligence agency, or a competitive entity aiming to undermine i-Soon’s public trust.
While China’s cyber espionage activities have been extensively covered, this leak sheds light on the unique involvement of the private sector in such campaigns.
Dakota Cary, a non-resident fellow at the Atlantic Council’s Global China Hub, predicts that it’s improbable for the outcomes of Chinese authorities’ investigations to become public knowledge.
Read More: North Korea breached emails belonging to the aide of South Korea’s president.
Disclaimer:
This content is AI-generated using IFTTT AI Content Creator. While we strive for accuracy, it’s a tool for rapid updates. We’re committed to filtering information, not reproducing or endorsing misinformation. – Jomotoday for more information visit privacy policy
Leave a Comment