Opinion | China’s i-Soon data leak exposes risks of outsourcing state spy operations to hackers for hire

A massive data leak that hit a Chinese cybersecurity firm earlier this month, exposing alleged hacking and intelligence operations, has showcased how even China’s spy agencies rely on private contractors to do its bidding.

On February 16, a total of 571 files allegedly containing hacking exploits and internal conversations from Shanghai Anxun Information Company (i-Soon) appeared on open-source repository GitHub, revealing what The New York Times called “a rare look inside the secretive world of China’s state-backed hackers for hire”.

Like past incidents involving compromising data leaks, this data set took on a life of its own. Despite swift action by GitHub to block access to the leaked data over policy violations, the repercussions will echo across intelligence agencies, media circles, academia and security pundits for the foreseeable future.

According to specialists that have analysed the data dump, it exposes global operations to target entities on behalf of various Ministry of Public Security outposts – as well as Shanghai Anxun’s role in training police across China to hack into foreign databases, in a case reminiscent of Edward Snowden’s revelations.

Blurring the line between security and military functions is a perilous boundary easily breached by private security firms in cyberspace. Unconcerned with being labelled as private military entities or worse, cyber mercenaries, they operate with impunity.

Unlike their counterparts with boots on the ground, who face swift repercussions for enhancing the foreign military capabilities of sanctioned governments or non-state actors, those in the cyber realm operate in a murky landscape devoid of enforceable international regulations.