A recent Chinese data leak has brought to light a large-scale attempt to hack UK government departments and other Western targets. The leaked internal files, allegedly from a Shanghai-based commercial surveillance company, contain a list of targets in Whitehall, including the Foreign Office. As UK intelligence agencies rush to assess the documents, concerns about Chinese infiltration of the UK government continue to grow.
The authenticity of the leaked documents is still under investigation, but Sam Dunning, director and founder of UK-China Transparency, believes that the leak is genuine. He pointed out that the Chinese Communist Party has created an ecosystem for industrial hacking in China, where cyber privateers compete to gather foreign data for the state. This revelation sheds light on the extensive efforts by the Chinese government to access sensitive information from Western governments and organizations.
The surveillance company at the center of the leak, known as iSOON, has allegedly been hired by the Chinese state to carry out hacking operations against high-profile targets, including Nato and the UK’s National Crime Agency. iSOON, also known as Axun, offers security consulting services, including cyber attack and defense strategies. The firm has received recognition from the Chinese Communist Party for its contributions to network security.
The leaked documents contain details of planned hacks on various UK government departments, think tanks, and charities, such as Chatham House and Human Rights Watch. The files suggest that iSOON employees identified vulnerabilities in the systems of these organizations and were preparing to exploit them. The leak also includes communications indicating the firm’s focus on obtaining data from the UK’s Foreign Office, suggesting a targeted effort to infiltrate sensitive government systems.
UK intelligence agencies are currently working to verify the authenticity of the leaked documents and address any potential vulnerabilities they may reveal in the UK’s infrastructure. The leak was initially posted on GitHub and subsequently shared by a Taiwanese security researcher, highlighting the international impact of the information exposed.
The leaked documents reveal the extensive spyware capabilities of iSOON, including tools for monitoring social media activity, malware for popular platforms like Microsoft Exchange and Apple, and devices disguised as battery packs for infiltrating mobile phones via shared Wi-Fi connections. The firm claims it can target both Android and iOS devices to gather a range of sensitive information, including GPS data, contacts, and media files.
Efforts to verify the leaked documents have included analyzing images and attempting to contact the owner of the iSOON website. However, the investigation is ongoing, and additional information is needed to fully understand the scope of the alleged hacking attempts. As UK intelligence agencies continue to investigate the data leak, the implications for national security and international relations remain a cause for concern.