A leading Chinese security firm has accused the CIA of hacking local businesses and government agencies for the past 11 years.
In a new report, Qihoo 360 claims the US intelligence agency targeted several industries including aviation organizations, scientific research institutions, petroleum firms, internet companies, and government agencies. The attacks took place between September 2008 and June 2019, and were mainly distributed in Beijing, Guangdong, and Zhejiang.
The research links the attacks to former CIA employee Joshua Adam Schulte, who is currently facing trial for allegedly feeding Wikileaks a cache — more commonly referred to as Vault 7 — of government-developed intelligence tools. Indeed, Qihoo notes it analyzed Vault 7 files to trace back the attacks to a CIA-associated hacking group, codenamed APT-C-39.
“We speculate that in the past eleven years of infiltration attacks, CIA may have already grasped the most classified business information of China, even of many other countries in the world,” the report reads. “It does not even rule out the possibility that now CIA is able to track down the real-time global flight status, passenger information, trade freight, and other related information.”
The security firm claims APT-C-39 was caught using spying tools exclusively developed by the CIA. It also notes some hacking techniques it relied on can be traced back to the NSA.
This is hardly the first time the CIA has been accusing of spying on China, as ZDNet points out.
In September 2019, security firm Qi An Xin published a similar report, linking the CIA to a series of attacks targeting Chinese aviation agencies between 2012 and 2017.