The “Boring” Work of China’s Spies

 

In the 2008 film remake of the classic 1960s sitcom Get Smart, Maxwell Smart (Steve Carell) unpacks in painstaking detail a conversation between two Iranian terrorists regarding their favourite flavour of breakfast muffin. To the dismay of his colleagues at CONTROL, Smart warns: “[b]ear in mind that the next 100 pages can get a little bit dry”. Though a humorous and fictional scene, a recent cybersecurity leak has revealed that perhaps for China’s spies, this monotonous and painstaking wading through the detail is not far off from the truth.

 

The leak in question of more than 500 files is from the Chinese firm I-Soon. At first glance, walking by I-Soon’s office building in Chengdu in China’s south-western Sichuan province would not raise much of an alarm. However, I-Soon belongs to a network of private companies that basically operate as ‘hackers for hire’ – a network that the FBI claims is the biggest of any country.

Image Credit: The I-Soon office building in Chengdu in China’s south-western Sichuan province (Dake Kang/AP)

The leaks reveal 80 of I-Soon’s targets from 2020 to 2023. Some of the targets discussed include networks in Hong Kong and Taiwan, NATO, think tanks, and the foreign affairs ministries of ASEAN countries. In one example, I-Soon was paid $85K AUD to obtain access to the email inboxes of ten targets. Moreover, the leak revealed that I-Soon had several specific contracts with particularly interesting clients – local police departments and a Chinese public security bureau. 

For many employees at I-Soon, the work of these hackers however is not glamorous and is a far cry from the hackers one might picture in a Hollywood film or a 2am repeat episode of NCIS. Instead, the work is described to be ‘boring’. Employees are tasked with ‘mass data harvesting’ and are required to hoover up as much information as they can find in the hope that some of it ‘might be useful’. Additionally, the leaks do not paint a great picture of the office culture in I-Soon (a likely cause of the leak from a presumed disgruntled staff member). Employee chat logs include complaints about office politics, poor office management, and disputes with a supervisor over salaries.

Though it may be boring work for I-Soon employees, the revelations are frightening for their targets. Abdul Rahman Yaacob, a research fellow at the Lowy Institute’s Southeast Asia Program, has stated that the main point of the data harvesting is to gain a wholistic picture of the military developments and security status of a target. In this regard, details matter. When a hacker finds a needle in a haystack, it can be worth a lot. 

Even ‘boring’ details can be used to piece together a larger, much more important picture.

6 April 2024 | Authored by Connor Andreatidis, Consultant, Precision Public Affairs

Related Posts

PPA honoured to attend Commando Welfare Trust Black Tie Dinner 2022

Precision Public Affairs was honoured to attend and support the Annual Commando Welfare Trust Black Tie Dinner last week at Doltone House Darling Island.

PPA Client AIM Defence opens Indoor Directed Energy Range with DPM

Deputy Prime Minister and Minister for Defence, the Hon Richard Marles MP, together with AIM’s local Member for Gorton and Minister for Skills and Training the Hon Brendan O’Connor MP, officially opened AIM’s new Indoor Directed Energy Range.

Thomas Global Systems at Land Forces 22

Precision client Thomas Global Systems is at Land Forces 22 at their stand 3C7.