UK government agencies, think tanks, businesses and charities also appear in the leaked i-Soon data.
Other documents hint at successful hacks of public bodies and businesses across Asia and Europe, but it is not yet clear if any were compromised.
The identity of the leaker is unknown.
i-Soon is one of many private companies that provide cyber security services for China’s military, police and security services.
It employs less than 25 staff at its Shanghai headquarters.
But can they actually?
Part of me wants to despair at this. I feel like our government is just totally inept and everything is just bad news. There was even a report in the Times this week that Russian hakers are going to take the NHS down - and given the Horizon scandal where its proven we’ve repeatedly gone with the lowest bidder, it wouldn’t surprise me.
However, I like to think there is someone in charge of all this who properly has their shit together and is smirking at this thinking ‘come and have a go if you think your hard enough’
I once did some training at a highly sensitive UK site (mandatory for the clearance I needed) and during the course we were told in no uncertain terms China was relentless in their spying and attack attempts. This was around 15 years ago.
There is loads of Chinese stuff on UK networks. I can believe Chinese, with backdoors, is in UK Foreign Office. US do it too. IT might be good, but people quietly bypass them for ease over security.
China claims a LOT of things. Poor paper tiger ‘country’.
When it comes to hacking, China is very capable. Along with the US, Russia and even North Korea (no, really), they are the main state actors.
However these days zero day exploits are more often written by private contractors (a lot in Argentina, for some reason) and then sold to nation states on discrete markets, rather than written by state actors themselves. It wasn’t the NSA who gave the FBI the ability to unlock an iPhone when they couldn’t compel Apple to do so through the courts.
There is a good article offering additional insights into the matter:
Chinese Hacking Contractor iSoon Leaks Internal Documents
An apparent leak of internal documents from a Chinese hacking contractor paints a picture of a disaffected, poorly paid workforce that nonetheless penetrated multiple regional governments and possibly NATO.
Setting the bar high I see.