30 Sep China scrapes the socials
ABC News called it “China’s Hybrid War” and the Guardian said, “Personal details of millions” collected by a China tech company. And I said, “this isn’t new.” Silicon Valley has been collecting data like this for decades and we barely blink let alone have a media outpouring of surveillance fear. So, what’s different?
The database in question was leaked to Professor Christopher Balding, in America, and contained a collection of approximately 2.4 million profiles scraped from various social media accounts and then coalesced into neat individual profile packages. The company, Zhenhua, say ‘our data’ is in the public domain but that’s not entirely true; some information collected came from other sources, not in the public domain, like psychological profiles, criminal records, bank account details and the darknet.
Zhenhua denied all allegations saying that this is “data integration”. According to Zhenhua, their business model and who they partner with is confidential, they are a private company. They also denied any link to China’s intelligence or military, although 2 of their clients, according to ABC News, are the People’s Liberation Army and the Chinese Communist Party.
Prof. Christopher Balding was previously based in Shenzen and returned to the USA for security reasons. He worked with a Canberran based security company, Internet 2.0, to retrieve and analyse the data and they alerted, Australian Financial Review and UK based media outlet, Daily Telegraph to report their findings.
AFR believe this hack is different because the people and organisations on the Overseas Key Individuals Database (OKIDB) created by Zhenhua are being targeted for specific intelligence intentions. The targets are either connected to an industry of interest, like space or big data, or have vulnerabilities that will make them good fodder for manipulation. Normally this kind of data compilation is an in-house governmental endeavour but this time China has outsourced the ambitious scraping of data to a private company for state based objectives. Are you on the list?
Faster Networks help businesses protect their digital assets. We are a cyber security partner that brings the best software solutions that anticipate and fix digital vulnerabilities. Our areas of expertise includes Vulnerability Management, Security Orchestration Automation and Response (SOAR), Application Security, Infrastructure Security, Distributed Denial of Service (DDoS) Protection and Application Pentesting.