DailyPost 2709
I-SOON – HACKERS FOR SALE!
Every worthwhile which hits the international media speaks of the cyber modus operandi, nature of data stolen, which could be likely perpetrator – known ransomware gangs, whether some data is on display in the Dark Web, ransom, and what could likely nature of monetization and leaks. Might be a second breach too. These are not the reference points in the recent breach /data leak from a Chinese cybersecurity firm I-Soon, the points to ponder are different, but certainly, the ones world has been thinking of, with regards China for quite some time. Those fears have been confirmed by this data leak. I-Soon is yet to confirm if the leak has been genuine.
This massive data leak has a totally different story to tell. The tale of its services and the services being offered to whom. This unravels the wheeling dealing of the Beijing linked hackers. That the state actors are all around and these firms, the current one being a midsized cyber security firm are subsumed into it. This is new order, the new cyber security reality. What can we infer from the leaked data? It clearly spelt out, that the company was an extended arm of the government. How many such companies add up in the government Chinese cyber security ecosystem.
The leaked data has since been removed from the online software repository GitHub, where it had been posted. Based on the data leak, hacking of foreign governments has been talked about, and it’s clear that every day the workers at I-Soon were targeting a big fish. The leak made it very clear that government agencies from China’s neighbors, including Kyrgyzstan, Thailand, Cambodia, Mongolia and Vietnam, had websites and email servers compromised. The list of targets is impressive and long, ranging from the British government to Thai ministries.
They also seemed to have gained access to telecom service providers in Pakistan, Kazakhstan, Mongolia, Thailand and Malaysia. India is also named as a key target for “infiltration.” Given the nature of services they provided, who were I-Soon’s customers? Most were provincial and local police departments, and also state level state security agencies, who are “responsible for protecting the Communist Party from perceived threats to its rule. The firm offered services to protect you device and secure communications, with many contracts listed as “ non-secret.” As per staffers the main focus was on making “trojan horses”. One staffer said, “At the moment, the trojan horses are mainly customized for Beijing’s state security department.”
GAINING CYBER SECURITY SUPREMACY BY ANY MEANS, SEEMS TO HAVE BECOME A STATE POLICY IMPERATIVE.
Sanjay Sahay
Have a nice evening.