Advertisement

The reported leak of Chinese hacking documents supports experts' warnings about how compromised the US could be

A hacker (left) and Chinese leader Xi Jinping (right).
More than 570 documents that appeared to come from a Chinese hacking group were posted to GitHub last week.boonchai wedmakawand via Getty Images; Didier Lebrun/Photonews via Getty Images
  • More than 570 documents reported to be from a Chinese state-backed hacking group were posted online.

  • They mentioned targets in at least 20 countries and territories, The Washington Post reported.

  • Officials have issued repeated warnings about China's hacking operations.

A reported trove of leaked Chinese hacking documents may have given the world a glimpse of how widespread and effective China's hacking operations could be.

More than 570 files and documents were posted to the developer platform GitHub last week, The Washington Post reported. They appear to document hacking activity across multiple countries and come from iSoon, which the Post identified as a private security contractor with ties to China's Ministry of Public Security.

"We have every reason to believe this is the authentic data of a contractor supporting global and domestic cyber espionage operations out of China," a cybersecurity expert, John Hultquist, told the Post.

On Wednesday, the Associated Press reported that China's police were investigating the leak, citing two unnamed iSoon employees it spoke with. The employees told the AP that the documents belonged to the group.

The files mentioned targets ranging from government agencies to businesses such as telecommunications firms in at least 20 foreign countries and territories including the UK, India, South Korea, Thailand, and Malaysia, the Post reported.

The hackers had claimed to be able to exploit vulnerabilities in software made by companies including Microsoft and Google, per the Post. (The Post said that Microsoft didn't respond to a request for comment and that Google said the documents didn't mention specific vulnerabilities in its software.)

A Google spokesperson told Business Insider that in addition to the files not mentioning specific vulnerabilities in Google's software, the documents describe standard malware techniques that are well-known to the company's security teams. A representative for Microsoft declined to comment when approached by Business Insider.

While the Post's report didn't mention any US targets, the files align with repeated warnings from security officials and experts on China's hacking operations.

The FBI chief, Christopher Wray, told "60 Minutes" in October that China was running "the biggest hacking program in the world."

Wray said China had "stolen more of our personal and corporate data than every nation, big or small, combined."

And when it comes to tackling the threat posed by Chinese hackers, Wray said the FBI was finding itself outnumbered.

"If each one of the FBI's cyber agents and intelligence analysts focused exclusively on the China threat, China's hackers would still outnumber FBI cyber personnel by at least 50 to 1," Wray told lawmakers last month.

Representatives for China's foreign ministry didn't immediately respond to a request for comment from Business Insider.

Correction: February 22, 2024 — This story was updated to clarify that The Washington Post had characterized a hacking group's ability to exploit vulnerabilities in companies' software as claims, not as fact, and to note the Post's efforts to contact Microsoft and Google about the claims. An earlier version of this story also misspelled the surname of a cybersecurity expert interviewed by the Post. It's John Hultquist, not John Hultquitist.

February 23, 3:45 a.m. — This story has been updated with responses from Microsoft.

Read the original article on Business Insider