Popular Articles
Today Week Month Year


Leaked documents from a Chinese contractor offers rare insight into how the CCP operates its cyberwarfare and surveillance operations
By Ava Grace // Feb 29, 2024

Chinese police are investigating an unauthorized and highly unusual online leak of documents from a private security contractor linked to the nation's top policing agency and other parts of its government – a trove that catalogs apparent hacking activity and tools to spy on both Chinese citizens and foreigners.

The impacted company is known as I-Soon, based in Chengdu, Sichuan, a security contractor with ties to the Ministry of Public Security (MPS). Among the apparent targets of the tools provided by I-Soon are Chinese ethnic minorities and dissidents in parts of the communist nation that have seen significant anti-government protests, such as the relatively freer Hong Kong and the heavily Muslim region of Xinjiang in China's far northwest.

The dump of scores of documents and the subsequent investigation were confirmed by two employees of I-Soon. The dump, which analysts consider highly significant even if it does not reveal any especially novel or potent tools, includes hundreds of pages of contracts, marketing presentations, product manuals and client and employee lists. (Related: Cybersecurity official warns: Americans must prepare for CYBERATTACKS from Chinese hackers.)

The leaked documents reveal, in detail, the methods used by Chinese authorities to surveil dissidents within the mainland as well as overseas. The documents also provide insight into how Chinese authorities hack into the networks of other nations and spread pro-Beijing narratives on social media platforms.

The documents show apparent I-Soon hacking of networks across Central and Southeast Asia, as well as Hong Kong and the self-ruled island of Taiwan, which Beijing claims as its territory.

Human knowledge is under attack! Governments and powerful corporations are using censorship to wipe out humanity's knowledge base about nutrition, herbs, self-reliance, natural immunity, food production, preparedness and much more. We are preserving human knowledge using AI technology while building the infrastructure of human freedom. Learn about our free, non-commercial AI / LLM project here. Support our efforts to build the infrastructure of human freedom by shopping at HealthRangerStore.com, featuring lab-tested, certified organic, non-GMO foods and nutritional solutions.

I-Soon and Chinese police are investigating how the files were leaked, the two I-Soon employees said. One of the employees said I-Soon held a meeting about the leak and was told it wouldn’t affect business too much and to “continue working as normal.”

Jon Condra, an analyst with Massachusetts-based cybersecurity firm Recorded Future, called the leak the most significant leak ever linked to a company "suspected of providing cyber espionage and targeted intrusion services for the Chinese security services." He said organizations targeted by I-Soon – according to the leaked material – include governments, telecommunications firms abroad and online gambling companies within China.

Until the 190-megabyte leak, I-Soon's website included a page listing clients topped by the MPS and included 11 other provincial-level security bureaus and 40 other municipal-level public security departments.

The company’s website was fully offline later. An I-Soon representative refused an interview request and said the company would issue an official statement at an unspecified future date.

Cyber tools used to surveil dissidents, flood social media with propaganda

Chinese censorship bureaus can directly surveil Chinese social media platforms and order them to take down anti-government posts or to keep watch over individuals who may be troublemakers. China does not have this similar power on overseas sites like Facebook and X, formerly Twitter, where millions of Chinese individuals flock to evade state surveillance and censorship.

This is where I-Soon comes in, with its tools designed to curb dissent on overseas social media platforms and to flood them with pro-Chinese content.

“There’s a huge interest in social media monitoring and commenting on the part of the Chinese government,” said Mareike Ohlberg, a senior fellow in the Asia Program of the German Marshall Fund.

To control public opinion and forestall anti-government sentiment, Ohlberg said, control of critical posts domestically is pivotal. "Chinese authorities have a big interest in tracking down users who are based in China," she said.

The source of the leak could be "a rival intelligence service, a dissatisfied insider or even a rival contractor," said chief threat analyst John Hultquist of Google's cybersecurity division, Mandiant.

One leaked draft contract shows I-Soon was marketing "anti-terror" technical support to Xinjiang police to track the region's native Uyghurs who have migrated to Central and Southeast Asia. I-Soon also claimed it had access to a hacked airline and cellular and government data from multiple nations including Afghanistan, Malaysia, Mongolia and Thailand.

"We see a lot of targeting of organizations that are related to ethnic minorities – Tibetans, Uyghurs. A lot of the targeting of foreign entities can be seen through the lens of domestic security priorities for the government," said Dakota Cary, a China analyst with the cybersecurity firm SentinelOne.

Cary added that he believes the documents are legitimate because they align with what would be expected from a contractor hacking on behalf of China’s security apparatus with domestic political priorities.

Cary found a spreadsheet with a list of data repositories collected from victims and counted 14 governments as targets, including India, Indonesia and Nigeria. The documents indicate that I-Soon mostly supports the Ministry of Public Security, he said.

Cary was also struck by the targeting of Taiwan’s Health Ministry to determine its Wuhan coronavirus (COVID-19) caseload in early 2021 – and impressed by the low cost of some of the hacks. The documents show that I-Soon charged $55,000 to hack Vietnam’s economy ministry.

Watch this Feb. 22 episode of "The Alex Jones Show" on InfoWars as Alex Jones discusses how agents of Communist China are the prime suspects for AT&T's recent outage.

This video is from Polyxena Lobcovice on Brighteon.com

More related stories:

New documents reveal horrific conditions in illegal medical lab in California owned by Chinese firm.

China bans critical industries from purchasing Micron products for failing "cybersecurity review."

Cybersecurity expert successfully builds PROPAGANDA MACHINE that can mass produce AI-generated DISINFORMATION.

Sources include:

Independent.co.uk

InfoSecurity-Magazine.com

Brighteon.com



Take Action:
Support NewsTarget by linking to this article from your website.
Permalink to this article:
Copy
Embed article link:
Copy
Reprinting this article:
Non-commercial use is permitted with credit to NewsTarget.com (including a clickable link).
Please contact us for more information.
Free Email Alerts
Get independent news alerts on natural cures, food lab tests, cannabis medicine, science, robotics, drones, privacy and more.

NewsTarget.com © 2022 All Rights Reserved. All content posted on this site is commentary or opinion and is protected under Free Speech. NewsTarget.com is not responsible for content written by contributing authors. The information on this site is provided for educational and entertainment purposes only. It is not intended as a substitute for professional advice of any kind. NewsTarget.com assumes no responsibility for the use or misuse of this material. Your use of this website indicates your agreement to these terms and those published on this site. All trademarks, registered trademarks and servicemarks mentioned on this site are the property of their respective owners.

This site uses cookies
News Target uses cookies to improve your experience on our site. By using this site, you agree to our privacy policy.
Learn More
Close
Get 100% real, uncensored news delivered straight to your inbox
You can unsubscribe at any time. Your email privacy is completely protected.