4 July 2024

China is turning to private firms for offensive cyber operations

MATT BRAZIL and PETER W. SINGER

Recent leaks and other revelations about Beijing’s use of hacking companies are shedding light on how privatization with Chinese characteristics is changing the government’s intelligence operations.

In February, 577 documents stolen from the Chinese hacking firm iS00N were dumped onto GitHub. The Microsoft-owned developer hub quickly removed the files, but not before analysts and media around the world were touting the “first-of-its-kind” look.

The leak was hardly the first revelation that private companies have been handling the kind of offensive cyber operations that were once the exclusive purview of government agencies. In 2015, a 400GB data dump exposed such efforts by the Italian Hacking Team. In 2021, a worldwide news consortium documented efforts by the Israeli NSO Group and others to help authoritarian regimes and private clients target tech firms and democracies around the world. And last year, the Carnegie Endowment compiled a list of 193 publicly reported instances of privatized offensive cyber-attacks executed by 40 firms, including six Chinese companies.

No comments: