Despite the practice of firms harvesting personal data from social media sites causing much alarm worldwide, a Shenzhen-based tech firm has been found harvesting the data of over 2.4 million people worldwide on behalf of the CCP and the PLA (People’s Liberation Army).
U.S academic Christopher Balding recently obtained a large trove of data from Chinese privacy activists which, he says, is part of a massive database maintained by Zhenhua Data, a Shenzhen-based technology firm that allegedly has links with the Chinese Communist Party and the PLA.
The database reportedly contained private and occupational details of as many as 2.4 million people that have been harvested from social media platforms. The list of people includes government officials, politicians, heads of states, and influential people in the United States, the UK, Australia, and India.
Australian cyber security consultancy Internet 2.0 has been able to recover the data of around 250,000 people from the datasets supplied by Chinese activists- including over 10,000 Brits, 52,000 Americans, 35,000 Australians, and over 10,000 Indians.
According to ABC News, the list of 35,000 Australians on the database includes state and federal politicians, military officers, diplomats, academics, civil servants, business executives, engineers, journalists, lawyers, and accountants. Among the Brits whose data was found on the database are Prime Minister Boris Johnson and his relatives, the royal family, as well as a number of celebrities, public figures, and military officials.
“Our team has an enormous amount of work provided to us that we are working through and intend to publicize about the authoritarian threat that is China under Chinese Communist Party rule. Reviewing the raw data, even Chinese “experts” continue to radically underestimate the investment in monitoring and surveillance tools dedicated to controlling and influencing, not just its domestic citizens and institutions, but assets outside of China,” Balding said in a blog post.
“What cannot be underestimated is the breadth and depth of the Chinese surveillance state and its extension around the world. The world is only at the beginning stages of understanding how much China invests in intelligence and influence operations using the type of raw data we have to understand their targets,” he added.
A representative from Zenhua Data told the Guardian that the firm does not collect any data but only integrates data that is already available on the Internet. “We are a private company, our customers are research organisations and business groups,” the firm said, dismissing any links with the CCP or the PLA.
This is not the first time that China has allegedly used hacker groups or technology firms to harvest the data of millions of people worldwide in furtherance of its international surveillance activities.
According to The New York Times, China’s Ministry of State Security sponsored the cyber attack on Marriott’s Starwood reservation system between 2014 and 2018 that resulted in the loss of approximately 339 million guest records globally, out of which around 30 million related to residents of 31 countries in the European Economic Area (EEA), and 7 million related to residents of the UK.
Ministry of State Security also carried out other widely-publicised hacking operations that targeted the U.S. Office of Personnel Management and Anthem, the largest health insurance firm in the United States. Sources also told NYT that China is also using such massive troves of data to “root out spies, recruit intelligence agents and build a rich repository of Americans’ personal data for future targeting”.
In 2018, a report published by Australian broadcaster Channel Nine and Fairfax media revealed that China’s top security agency was behind a large number of cyber-attacks that targeted Australian businesses and institutions in an operation dubbed “Operation Cloud Hopper“.
Operation Cloud Hopper was first detected and analysed in detail by cyber security experts at the UK’s National Cyber Security Centre (NCSC), BAE Systems, and PwC and it was then concluded that the hacker group (APT10) behind the operation had links to China’s People’s Liberation Army (PLA).
“The espionage campaign has targeted managed IT service providers (MSPs), allowing the APT10 group unprecedented potential access to the intellectual property and sensitive data of those MSPs and their clients globally.
“The sheer scale of the operation was uncovered through collaboration amongst organisations in the public and private sectors but is still only likely to reflect a small portion of APT10’s global operations. A number of Japanese organisations have also been targeted in a separate, simultaneous campaign by the same group, with APT10 masquerading as legitimate Japanese government entities to gain access,” said PwC.