Ministry of State Security revealed three data security breaches
A foreign spy agency hacked multiple Chinese airlines.
China’s Counter-Espionage Law 《中华人民共和国反间谍法》 was adopted on November 1, 2014. On the eve of its seventh anniversary, the Ministry of State Security 国家安全部 revealed three cases that it described as having "jeopardized the security of important data, aiming to further raise the society's awareness on non-traditional security, thus the public can jointly maintain national security."
Several days have passed but that has yet to make it into English-language news.
Whereas the U.S. and other western security sources are not infrequent contributors to Western media reports on China, usually detailing what’s described as Chinese influence, threats, espionage, or hacking, the same simply can’t be said of this side. Also, press content with those intelligence sources is almost always quite prominent in the news. With that in mind, your Pekingnologist believes the information on specific cases from the Chinese Ministry of State Security should be interesting as well.
Also, the three cases are about data, one of the hottest topics in the discourse revolving around intelligence these days. Plus, they are described with quite some details, though key information such as the specific foreign government is not available. That, alas, would have instantly launched breaking news.
Without further ado, below are translated from a Xinhua report in Chinese entitled 国家安全部公布三起危害重要数据安全案例 Ministry of State Security disclosed three cases where data security was jeopardized, released on Oct. 31, 2021.
Case 1: An airline’s data was stolen by a foreign spy agency via cyberattacks
In January 2020, an airline reported to State Security organs that the company’s information system had seen an anomaly and they suspected a cyberattack. The State Security organs immediately conducted a technical inspection and confirmed that relevant information systems had been attacked by cyber weapons. Multiple important servers and network equipment were implanted with special Trojan horse programs. Some passengers’ travel records and other data were stolen.
After further investigation, the State Security organs found that many other airlines’ information systems were subjected to the same type of cyber attack and data theft. After thorough investigation, it was confirmed that the relevant attack activities were carefully planned and secretly carried out by a foreign spy agency, which took advantage of multiple technical loopholes and used multiple network devices to hide its trace.
In response to this situation, the State Security organs promptly assisted relevant airlines in removing the implanted special Trojan horse programs, adjusted technologies and strategies to safeguard security, strengthened prevention measures, and ultimately prevented further expansion of the damage.
Case 2: An overseas company that provides consulting and investigative services secretly collected and stole shipping data
In May 2021, the State Security organs discovered that an overseas consulting and investigative company frequently contacted the managers of China’s major shipping companies and those of agency service companies via the Internet, phone, and other means. This company also established “cooperation” with dozens of personnel in China, in the name of hiring industry consultants with high remuneration, and instructed them to extensively collect and provide basic data on China's shipping and cargo information on specific ships, among other information.
The personnel handling this case from the State Security organs further investigated the case and discovered that the relevant overseas consulting and investigative company has a close relationship with its home country's spy agency, from which it has contracted a large number of intelligence collection and analysis tasks. All the shipping data obtained via the personnel in our country was provided to the country's spy intelligence agency.
In order to prevent further relevant damages, the State Security organs promptly warned and educated relevant personnel in China, and ordered their employers to strengthen internal personnel management and data security protection measures. At the same time, the relevant activities of the foreign consulting and investigative company were investigated and dealt with in accordance with the law.
Case 3: Li and others set up meteorological observation equipment without authorization to collect and transmit sensitive meteorological data overseas.
In March 2021, the State Security organs discovered a suspicious meteorological observation device built around an important military base in the country, which has the function of collecting accurate location information and various types of meteorological data. The collected data was directly transmitted overseas.
The State Security organs investigated it and found out that the relevant meteorological observation equipment was purchased online and set up by Li on his own (without notice to or permission from the authorities). More than 100 sets of similar equipment have been sold to many places across the country, some of which set up around important areas of our country, and the data collected through the relevant equipment have been transmitted overseas to the website of a meteorological observing organization.
The foreign meteorological observation organization was actually initiated by a government department of a certain country in the name of scientific research, and an important task of this department is to collect and analyze global meteorological data to provide services for its military.
The State Security organs and relevant government departments jointly carried out law enforcement and ordered relevant people to dismantle the equipment immediately, eliminating potential risks.
In the end, the Ministry of State Security encourages people with tips to call the number 12339 or log on to the Ministry’s online reporting platform (there’s an English option, by the way:)