China tech firm claimed it could hack Foreign Office
A leaked document indicates a Chinese cybersecurity company boasted it could infiltrate the UK's Foreign Office.
The leak also lists various UK entities as potential targets. The origin of the leak is uncertain, and while China disavows knowledge and condemns cyberattacks, the situation is under investigation. The BBC is awaiting the UK government's response.
The leaked content came from i-Soon, a small Shanghai-based firm linked to Chinese security services, and was uploaded to GitHub on February 16. Security experts believe the leak is authentic, exposing i-Soon's efforts over eight years to access data within the UK, France, and several Asian countries.
Documents include a case where a Chinese government entity paid to breach the Vietnamese traffic police's website and another proposing disinformation campaign software for significant cost.
Discussions in the leaked chats include prioritizing the UK Foreign Office as a target, with individuals coordinating hacking efforts and discussing payments for information.
This exposure provides insight into the privatized aspect of China's cyber espionage, which usually involves multiple agencies. The motive for the leak is unclear; it could be an internal whistleblower, foreign interference, or sabotage by a competitor.
The leak highlights the private sector's involvement in intelligence operations, which is rarely disclosed.