Zhenhua Data leak

Last updated

Shenzhen Zhenhua Data Information Technology Co is a big data scraping company that provides open-source intelligence profiling and threat intelligence services. The company is reported to be owned by China Zhenhua Electronics Group, which is owned by China Electronics Corporation (CEC), a state-owned military research enterprise. [1] While the data Zhenhua uses is publicly available data, Zhenhua's usage of that data is a security concern to western countries. The company claims to work with the Chinese government, including Chinese intelligence agencies and the military. [2] [3] Zhenhua Data's CEO has publicly supported "hybrid warfare" and "psychological warfare". [4] Winston Peters, the Foreign Affairs Minister of New Zealand, stated that it would be 'naive' to think there was no connection to the Chinese state. [5]

In September 2020, a data leak revealed that Zhenhua was globally monitoring over 2.4 million people. The databases, collectively called the Overseas Key Information Database (OKIDB), was leaked to an American academic who shared the data with Internet 2.0, an Australian-based cybersecurity consultancy. On 14 September 2020, a consortium of media outlets published the findings. [6] [7] Researchers found out that about 20% of the data was not from open source locations. [8] Investigation by journalists in New Zealand found that some people with no online presence were profiled in the database. [9]

There have been "conflicting assessments" of the value of the data, from it being an entirely "aspirational" venture, to it being a small peek into the world of hybrid warfare and psychological warfare being waged by the Chinese. [7] [8]

Internet 2.0 recovered a quarter of a million people from OKIDB, including about 52,000 Americans, 35,000 Australians and 10,000 Britons. [10] Prominent people in the database include prime ministers Boris Johnson and Scott Morrison, [2] the President of Austria Alexander Van der Bellen and their families. [11] One of Hungarian Prime Minister Viktor Orbán's children appears on the list as well. [12] Australians in the database include Natalie Imbruglia, Larry Anthony, Emma Husar, Ellen Whinnett and Junaid Thorne. [8] Around 10,000 people and organisations from India were also on the list, including senior India diplomats such as Harsh Vardhan Shringla and Sanjeev Singla, policymakers such as Amitabh Kant, academics such as Romila Thapar, and sportspeople such as Sachin Tendulkar. [13] [14] Numerous Indian think-tanks were also being monitored. [14]

A threat intelligence organisation published a report on Zhenhua Data's operation and found a number of monitoring systems that were publicly accessible. [15] The report found real-time monitoring of social media such as LinkedIn, TikTok, Facebook, Twitter and online forums, and discovered an "Internet Big Data Military Intelligence System". This system tracks US warships in real-time and profiles the personnel on board, weapons being carried, LinkedIn profiles etc. This may be related to a previous story published by the NYT titled "How China Uses LinkedIn to Recruit Spies Abroad". [16] The firm also found keywords that were being used to target US Embassy-supported activists in Hong Kong, which included political organisations, famous events and protestors.

See also

Related Research Articles

<span class="mw-page-title-main">Surveillance</span> Monitoring something for the purposes of influencing, protecting, or suppressing it

Surveillance is the monitoring of behavior, many activities, or information for the purpose of information gathering, influencing, managing or directing. This can include observation from a distance by means of electronic equipment, such as closed-circuit television (CCTV), or interception of electronically transmitted information like Internet traffic. It can also include simple technical methods, such as human intelligence gathering and postal interception.

Computer and network surveillance is the monitoring of computer activity and data stored locally on a computer or data being transferred over computer networks such as the Internet. This monitoring is often carried out covertly and may be completed by governments, corporations, criminal organizations, or individuals. It may or may not be legal and may or may not require authorization from a court or other independent government agencies. Computer and network surveillance programs are widespread today and almost all Internet traffic can be monitored.

<span class="mw-page-title-main">Mass surveillance</span> Intricate surveillance of an entire or a substantial fraction of a population

Mass surveillance is the intricate surveillance of an entire or a substantial fraction of a population in order to monitor that group of citizens. The surveillance is often carried out by local and federal governments or governmental organizations, such as organizations like the NSA, but it may also be carried out by corporations. Depending on each nation's laws and judicial systems, the legality of and the permission required to engage in mass surveillance varies. It is the single most indicative distinguishing trait of totalitarian regimes. It is also often distinguished from targeted surveillance.

<span class="mw-page-title-main">New Zealand Security Intelligence Service</span> National intelligence agency of New Zealand

The New Zealand Security Intelligence Service is New Zealand's primary national intelligence agency. It is responsible for providing information and advising on matters including national security and foreign intelligence. It is headquartered in Wellington and overseen by a Director-General, the Minister of New Zealand Security Intelligence Service, and the parliamentary intelligence and security committee; independent oversight is provided by the Inspector-General of Intelligence and Security.

<span class="mw-page-title-main">Government Communications Security Bureau</span> New Zealand signals intelligence agency

The Government Communications Security Bureau is the public-service department of New Zealand charged with promoting New Zealand's national security by collecting and analysing information of an intelligence nature. The GCSB is considered to be New Zealand's most powerful intelligence agency, and has been alleged to have conducted more espionage and data collection than the country's primary intelligence agency, the less funded NZSIS. This has at times proven controversial, although the GCSB does not have the baggage of criticism attached to it for a perceived failure to be effective like the NZSIS does. The GCSB is considered an equivalent of GCHQ in the United Kingdom or the NSA in the United States.

The Government of China is engaged in espionage overseas, directed through diverse methods via the Ministry of State Security (MSS), the Ministry of Public Security (MPS), the United Front Work Department (UFWD), People's Liberation Army (PLA) via its Intelligence Bureau of the Joint Staff Department, and numerous front organizations and state-owned enterprises. It employs a variety of tactics including cyber espionage to gain access to sensitive information remotely, signals intelligence, human intelligence as well as influence operations through united front activity targeting overseas Chinese communities and associations. The Chinese government is also engaged in industrial espionage aimed at gathering information and technology to bolster its economy, as well as transnational repression of dissidents abroad such as supporters of the Tibetan independence movement and Uyghurs as well as the Taiwan independence movement, the Hong Kong independence movement, Falun Gong, pro-democracy activists, and other critics of the Chinese Communist Party (CCP). The United States alleges that the degree of intelligence activity is unprecedented in its assertiveness and engagement in multiple host countries, particularly the United States, to which various US officials contend economic damages, prosperity and stolen innovations have resulted in $US320-445 billion annually since its inception and activities.

<span class="mw-page-title-main">Five Eyes</span> Intelligence alliance

The Five Eyes (FVEY) is an Anglosphere intelligence alliance comprising Australia, Canada, New Zealand, the United Kingdom, and the United States. These countries are parties to the multilateral UK-USA Agreement, a treaty for joint cooperation in signals intelligence. Informally, Five Eyes can also refer to the group of intelligence agencies of these countries.

Foreign espionage in New Zealand, while likely not as extensive as in many larger countries, has nevertheless taken place. The New Zealand Security Intelligence Service (NZSIS), which has primary responsibility for counter-intelligence work, states that there are foreign intelligence agents working in New Zealand today.

Palantir Technologies Inc. is a public American company that specializes in software platforms for big data analytics. Headquartered in Denver, Colorado, it was founded by Peter Thiel, Nathan Gettings, Joe Lonsdale, Stephen Cohen, and Alex Karp in 2003. The company's name is derived from The Lord of the Rings where the magical palantíri were "seeing-stones," described as indestructible balls of crystal used for communication and to see events in other parts of the world.

Cyberwarfare by China is the aggregate of all combative activities in the cyberspace which are taken by organs of the People's Republic of China, including affiliated advanced persistent threat groups, against other countries.

Lords of Dharmaraja is the name of a hacker group, allegedly operating in India. This group came into the limelight for threatening to release the source code of Symantec's product Norton Antivirus, and for allegations on Government of India "arm-twisting" international mobile manufacturers to spy on United States-China Economic and Security Review Commission(USCC). Symantec has confirmed that the Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2 version source code has been compromised and obtained by the group, while United States authorities are still investigating allegations suspecting India's hand in spying.

<span class="mw-page-title-main">PRISM</span> Mass surveillance program run by the NSA

PRISM is a code name for a program under which the United States National Security Agency (NSA) collects internet communications from various U.S. internet companies. The program is also known by the SIGAD US-984XN. PRISM collects stored internet communications based on demands made to internet companies such as Google LLC and Apple under Section 702 of the FISA Amendments Act of 2008 to turn over any data that match court-approved search terms. Among other things, the NSA can use these PRISM requests to target communications that were encrypted when they traveled across the internet backbone, to focus on stored data that telecommunication filtering systems discarded earlier, and to get data that is easier to handle.

<span class="mw-page-title-main">Mass surveillance in the United States</span>

The practice of mass surveillance in the United States dates back to wartime monitoring and censorship of international communications from, to, or which passed through the United States. After the First and Second World Wars, mass surveillance continued throughout the Cold War period, via programs such as the Black Chamber and Project SHAMROCK. The formation and growth of federal law-enforcement and intelligence agencies such as the FBI, CIA, and NSA institutionalized surveillance used to also silence political dissent, as evidenced by COINTELPRO projects which targeted various organizations and individuals. During the Civil Rights Movement era, many individuals put under surveillance orders were first labelled as integrationists, then deemed subversive, and sometimes suspected to be supportive of the communist model of the United States' rival at the time, the Soviet Union. Other targeted individuals and groups included Native American activists, African American and Chicano liberation movement activists, and anti-war protesters.

<span class="mw-page-title-main">2010s global surveillance disclosures</span> Disclosures of NSA and related global espionage

During the 2010s, international media news reports revealed new operational details about the Anglophone cryptographic agencies' global surveillance of both foreign and domestic nationals. The reports mostly relate to top secret documents leaked by ex-NSA contractor Edward Snowden. The documents consist of intelligence files relating to the U.S. and other Five Eyes countries. In June 2013, the first of Snowden's documents were published, with further selected documents released to various news outlets through the year.

<span class="mw-page-title-main">Reactions to global surveillance disclosures</span>

The global surveillance disclosure released to media by Edward Snowden has caused tension in the bilateral relations of the United States with several of its allies and economic partners as well as in its relationship with the European Union. In August 2013, U.S. President Barack Obama announced the creation of "a review group on intelligence and communications technologies" that would brief and later report to him. In December, the task force issued 46 recommendations that, if adopted, would subject the National Security Agency (NSA) to additional scrutiny by the courts, Congress, and the president, and would strip the NSA of the authority to infiltrate American computer systems using "backdoors" in hardware or software. Geoffrey R. Stone, a White House panel member, said there was no evidence that the bulk collection of phone data had stopped any terror attacks.

<span class="mw-page-title-main">Global surveillance</span> Mass surveillance across national borders

Global mass surveillance can be defined as the mass surveillance of entire populations across national borders.

<span class="mw-page-title-main">Mass surveillance in India</span> Overview of mass surveillance in India

Mass surveillance is the pervasive surveillance of an entire or a substantial fraction of a population. Mass surveillance in India includes Surveillance, Telephone tapping, Open-source intelligence, Lawful interception, and surveillance under Indian Telegraph Act, 1885.

<span class="mw-page-title-main">China Electronics Technology Group Corporation</span> Chinese state-owned electronics company

China Electronics Technology Group Corporation is a Chinese state-owned company established in 2002. Its fields include communications equipment, computers, electronic equipment, IT infrastructure, networks, software development, research services, investment and asset management for civilian and military applications. It was founded with the stated goal of leveraging civilian electronics for the benefit of the People's Liberation Army.

References

  1. Probyn, Andrew; Doran, Matthew (September 14, 2020). "China's 'hybrid war': Beijing's mass surveillance of Australia and the world for secrets and scandal". Australian Broadcasting Corporation . Retrieved September 26, 2020.
  2. 1 2 Hurst, Daniel; Kuo, Lily; Graham-McLay, Charlotte (2020-09-14). "Zhenhua Data leak: personal details of millions around world gathered by China tech company". The Guardian. Retrieved 2020-09-17.
  3. Mazoomdaar, Jay; Iyer, P Vaidyanathan (2020-09-16). "China is watching — Hybrid warfare: What data they collect, why it's cause for concern". The Indian Express. Retrieved 2020-09-17.
  4. Graham, Ben (2020-09-15). "Zhenhua Data: 35,000 Aussies being spied on by China". News.com.au. Archived from the original on 2020-09-15. Retrieved 2020-09-17.
  5. "Zhenhua Data collection 'disquieting in the extreme' - Winston Peters". Radio New Zealand . 2020-09-17. Archived from the original on 2020-09-15. Retrieved 2020-09-17.
  6. Shih, Gerry. "Chinese firm harvests social media posts, data of prominent Americans and military". Washington Post. ISSN   0190-8286 . Retrieved 2020-09-17.
  7. 1 2 "Zhenhua Data leak: From Narendra Modi to Ratan Tata, here's the list of prominent Indians China spied on". The Economic Times. 14 September 2014. Retrieved 2020-09-17.
  8. 1 2 3 Graham, Ben (2020-09-14). "China spying on huge number of Aussies". Gold Coast Bulletin. Retrieved 2020-09-17.
  9. Graham, Ben (2020-09-14). "Details of citizens from Pacific island nations harvested by Chinese technology firm". 1 News. Retrieved 2020-09-17.
  10. "China's mass surveillance of 35,000 Australians revealed". www.abc.net.au. 2020-09-13. Retrieved 2020-09-17.
  11. Csekö, Balazs; Sulzbacher, Markus (2020-10-20). "Zhenhua Files": Chinesische Datensammler spähen österreichische Politik aus". Der Standard. Retrieved 2020-10-28.
  12. Keller-Alánt, Ákos (2020-10-13). "Orbán, Rogán és Kósa gyerekei is szerepelnek a kínai adatbázisban". Szabad Európa. Retrieved 2020-10-28.
  13. "Shenzhen panopticon: The who's who of India were sitting ducks for a China tech company, reveals report". The Economic Times. 14 September 2020. Retrieved 2020-09-17.
  14. 1 2 M, Kaunain Sheriff; Mazoomdaar, Jay; Iyer, P Vaidyanathan (2020-09-17). "Express Investigation Part-4: Foreign secy, Niti CEO on list; Facebook bans Zhenhua Data". The Indian Express. Retrieved 2020-09-17.
  15. "Investigating Chinese Intelligence Firm Zhenhua Data". ShadowMap. 2020-09-17. Retrieved 2020-09-22.
  16. Wong, Edward (2019-09-27). "How China Uses LinkedIn to Recruit Spies Abroad". The New York Times. ISSN   0362-4331 . Retrieved 2020-09-22.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.